From 4b055e786bc41dbda8ca13ef3287c6cd83575bc9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 23 Jul 2025 18:23:07 +0000 Subject: [PATCH 01/52] chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7 Bumps [github.com/spf13/pflag](https://github.com/spf13/pflag) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/spf13/pflag/releases) - [Commits](https://github.com/spf13/pflag/compare/v1.0.6...v1.0.7) --- updated-dependencies: - dependency-name: github.com/spf13/pflag dependency-version: 1.0.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index 7f0569303d0..5667e998c50 100644 --- a/go.mod +++ b/go.mod @@ -47,7 +47,7 @@ require ( github.com/sigstore/protobuf-specs v0.5.0 github.com/sigstore/sigstore-go v1.1.0 github.com/spf13/cobra v1.9.1 - github.com/spf13/pflag v1.0.6 + github.com/spf13/pflag v1.0.7 github.com/stretchr/testify v1.10.0 github.com/theupdateframework/go-tuf/v2 v2.1.1 github.com/yuin/goldmark v1.7.12 diff --git a/go.sum b/go.sum index 5433198cd03..cd23474dc81 100644 --- a/go.sum +++ b/go.sum @@ -1363,8 +1363,9 @@ github.com/spf13/cast v1.9.2 h1:SsGfm7M8QOFtEzumm7UZrZdLLquNdzFYfIbEXntcFbE= github.com/spf13/cast v1.9.2/go.mod h1:jNfB8QC9IA6ZuY2ZjDp0KtFO2LZZlg4S/7bzP6qqeHo= github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo= github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.7 h1:vN6T9TfwStFPFM5XzjsvmzZkLuaLX+HS+0SeFLRgU6M= +github.com/spf13/pflag v1.0.7/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.20.1 h1:ZMi+z/lvLyPSCoNtFCpqjy0S4kPbirhpTMwl8BkW9X4= github.com/spf13/viper v1.20.1/go.mod h1:P9Mdzt1zoHIG8m2eZQinpiBjo6kCmZSKBClNNqjJvu4= github.com/spiffe/go-spiffe/v2 v2.5.0 h1:N2I01KCUkv1FAjZXJMwh95KK1ZIQLYbPfhaxw8WS0hE= From 99516d64bae63193ff74727ff92d3c4e98294713 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Wed, 23 Jul 2025 15:29:32 -0400 Subject: [PATCH 02/52] Regenerate third-party licenses on trunk pushes Fixes #11270 This commit refactors the work done in #11047 of blocking pull requests for manual `third-party` license updates to having GitHub Actions automatically update it on pushes to `trunk`. This will allow maintainers to streamline Dependabot PR reviews while reducing contributor friction when changing dependencies. --- .github/workflows/lint.yml | 16 ------- .github/workflows/third-party-licenses.yml | 49 ++++++++++++++++++++++ 2 files changed, 49 insertions(+), 16 deletions(-) create mode 100644 .github/workflows/third-party-licenses.yml diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 5281a46d009..5afe6cd2ff7 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -7,15 +7,11 @@ on: - "**.go" - go.mod - go.sum - - ".github/licenses.tmpl" - - "script/licenses*" pull_request: paths: - "**.go" - go.mod - go.sum - - ".github/licenses.tmpl" - - "script/licenses*" permissions: contents: read jobs: @@ -50,18 +46,6 @@ jobs: with: version: v2.1.6 - # actions/setup-go does not setup the installed toolchain to be preferred over the system install, - # which causes go-licenses to raise "Package ... does not have module info" errors. - # for more information, https://github.com/google/go-licenses/issues/244#issuecomment-1885098633 - # - # go-licenses has been pinned for automation use. - - name: Check licenses - run: | - export GOROOT=$(go env GOROOT) - export PATH=${GOROOT}/bin:$PATH - go install github.com/google/go-licenses@5348b744d0983d85713295ea08a20cca1654a45e - make licenses-check - # Discover vulnerabilities within Go standard libraries used to build GitHub CLI using govulncheck. govulncheck: runs-on: ubuntu-latest diff --git a/.github/workflows/third-party-licenses.yml b/.github/workflows/third-party-licenses.yml new file mode 100644 index 00000000000..b9d29e9dcfd --- /dev/null +++ b/.github/workflows/third-party-licenses.yml @@ -0,0 +1,49 @@ +name: Third Party Licenses +on: + push: + branches: + - trunk + paths: + - go.mod + - go.sum + - ".github/licenses.tmpl" + - "script/licenses*" +jobs: + # This job is responsible for updating the third-party license reports and source code. + # It should be safe to cancel as the latest version of `go.mod` should be checked in. + regenerate-licenses: + runs-on: ubuntu-latest + concurrency: + group: ${{ github.workflow }} + cancel-in-progress: true + steps: + - name: Check out code + uses: actions/checkout@v4 + with: + token: ${{ secrets.AUTOMATION_TOKEN }} + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + + - name: Regenerate licenses + run: | + export GOROOT=$(go env GOROOT) + export PATH=${GOROOT}/bin:$PATH + go install github.com/google/go-licenses@5348b744d0983d85713295ea08a20cca1654a45e + make licenses + git diff + + - name: Commit and push changes + run: | + if git diff --exit-code; then + echo "No third-party license changes to commit" + else + git config --local user.name "github-actions[bot]" + git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" + git add third-party third-party-licenses.*.md + git commit -m "Generate licenses - $GITHUB_SHA" + git pull + git push origin + fi From 45876eddc290075e4ad148b5028f26b6472b09de Mon Sep 17 00:00:00 2001 From: Sukh Date: Mon, 23 Jun 2025 13:19:37 -0400 Subject: [PATCH 03/52] docs(search): add note for exclusion search syntax --- pkg/cmd/search/code/code.go | 3 +++ pkg/cmd/search/commits/commits.go | 3 +++ pkg/cmd/search/issues/issues.go | 3 +++ pkg/cmd/search/prs/prs.go | 3 +++ pkg/cmd/search/repos/repos.go | 3 +++ 5 files changed, 15 insertions(+) diff --git a/pkg/cmd/search/code/code.go b/pkg/cmd/search/code/code.go index d03526c4d9e..3a439e5cd7b 100644 --- a/pkg/cmd/search/code/code.go +++ b/pkg/cmd/search/code/code.go @@ -46,6 +46,9 @@ func NewCmdCode(f *cmdutil.Factory, runF func(*CodeOptions) error) *cobra.Comman Note that these search results are powered by what is now a legacy GitHub code search engine. The results might not match what is seen on %[1]sgithub.com%[1]s, and new features like regex search are not yet available via the GitHub API. + + Note: When using GitHub search syntax to exclude results (e.g. '-language:xml'), you must use + a '--' delimiter before the search query to separate it from command flags. `, "`"), Example: heredoc.Doc(` # Search code matching "react" and "lifecycle" diff --git a/pkg/cmd/search/commits/commits.go b/pkg/cmd/search/commits/commits.go index fb1742dc9da..161ecc6a93c 100644 --- a/pkg/cmd/search/commits/commits.go +++ b/pkg/cmd/search/commits/commits.go @@ -45,6 +45,9 @@ func NewCmdCommits(f *cmdutil.Factory, runF func(*CommitsOptions) error) *cobra. GitHub search syntax is documented at: + + Note: When using GitHub search syntax to exclude results (e.g. '-user:monalisa'), you must use + a '--' delimiter before the search query to separate it from command flags. `), Example: heredoc.Doc(` # Search commits matching set of keywords "readme" and "typo" diff --git a/pkg/cmd/search/issues/issues.go b/pkg/cmd/search/issues/issues.go index e1f4105aea4..af6e9d64c83 100644 --- a/pkg/cmd/search/issues/issues.go +++ b/pkg/cmd/search/issues/issues.go @@ -34,6 +34,9 @@ func NewCmdIssues(f *cmdutil.Factory, runF func(*shared.IssuesOptions) error) *c GitHub search syntax is documented at: + + Note: When using GitHub search syntax to exclude results (e.g. '-label:bug'), you must use + a '--' delimiter before the search query to separate it from command flags. `), Example: heredoc.Doc(` # Search issues matching set of keywords "readme" and "typo" diff --git a/pkg/cmd/search/prs/prs.go b/pkg/cmd/search/prs/prs.go index f7a96c5bf01..b268ea3e5ce 100644 --- a/pkg/cmd/search/prs/prs.go +++ b/pkg/cmd/search/prs/prs.go @@ -36,6 +36,9 @@ func NewCmdPrs(f *cmdutil.Factory, runF func(*shared.IssuesOptions) error) *cobr GitHub search syntax is documented at: + + Note: When using GitHub search syntax to exclude results (e.g. '-label:bug'), you must use + a '--' delimiter before the search query to separate it from command flags. `), Example: heredoc.Doc(` # Search pull requests matching set of keywords "fix" and "bug" diff --git a/pkg/cmd/search/repos/repos.go b/pkg/cmd/search/repos/repos.go index 2815ee6dc2b..733d7b7c467 100644 --- a/pkg/cmd/search/repos/repos.go +++ b/pkg/cmd/search/repos/repos.go @@ -46,6 +46,9 @@ func NewCmdRepos(f *cmdutil.Factory, runF func(*ReposOptions) error) *cobra.Comm GitHub search syntax is documented at: + + Note: When using GitHub search syntax to exclude results (e.g. '-topic:linux'), you must use + a '--' delimiter before the search query to separate it from command flags. `), Example: heredoc.Doc(` # Search repositories matching set of keywords "cli" and "shell" From 254119e49880b1dbc6ca2c0fa66c5a6a6d8d346a Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Fri, 25 Jul 2025 17:23:45 -0600 Subject: [PATCH 04/52] Add help topic for search syntax in gh commands Introduces a new help topic explaining how to use exclusion qualifiers in GitHub search syntax with gh commands, including platform-specific instructions for Unix-like systems and PowerShell. Provides links to relevant documentation for further reference. Co-Authored-By: Sid <41968447+sukhpreet-s@users.noreply.github.com> --- pkg/cmd/root/help_topic.go | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/pkg/cmd/root/help_topic.go b/pkg/cmd/root/help_topic.go index a375d9e2050..6ea626e0673 100644 --- a/pkg/cmd/root/help_topic.go +++ b/pkg/cmd/root/help_topic.go @@ -304,6 +304,35 @@ var HelpTopics = []helpTopic{ control some behavior. `), }, + { + name: "search", + short: "Search syntax for gh commands", + long: heredoc.Docf(` + Excluding search results that match a qualifier + + In a browser, the GitHub search syntax supports excluding results that match a search qualifier + by prefixing the qualifier with a hyphen. For example, to search for issues that + do not have the label "bug", you would use %[1]s-label:bug%[1]s as a search qualifier. + + %[1]sgh%[1]s supports this syntax in %[1]sgh search%[1]s as well, but it requires extra + syntax to avoid the hyphen being interpreted as a command line flag because it begins with a hyphen. + + On Unix-like systems, you can use the %[1]s--%[1]s argument to indicate that + the arguments that follow are not a flag, but rather a query string. For example: + + $ gh search issues -- "my-search-query -label:bug" + + On PowerShell, you must use both the %[1]s--%[2]s%[1]s argument and the %[1]s--%[1]s argument to + produce the same effect. For example: + + $ gh --%[2]s search issues -- "my search query -label:bug" + + See the following for more information: + - GitHub search syntax: + - The PowerShell stop parse flag %[1]s--%[2]s%[1]s: + - The Unix-like %[1]s--%[1]s argument: + `, "`", "%"), + }, } func NewCmdHelpTopic(ios *iostreams.IOStreams, ht helpTopic) *cobra.Command { From dd0a0b3045fde60f8fd2bec7c0b1435173b80fa1 Mon Sep 17 00:00:00 2001 From: Sukh Date: Fri, 25 Jul 2025 19:49:59 -0400 Subject: [PATCH 05/52] docs(search): add reference to `gh help search` --- pkg/cmd/search/code/code.go | 3 +-- pkg/cmd/search/commits/commits.go | 7 +++---- pkg/cmd/search/issues/issues.go | 7 +++---- pkg/cmd/search/prs/prs.go | 7 +++---- pkg/cmd/search/repos/repos.go | 7 +++---- 5 files changed, 13 insertions(+), 18 deletions(-) diff --git a/pkg/cmd/search/code/code.go b/pkg/cmd/search/code/code.go index 3a439e5cd7b..5e80c1017f2 100644 --- a/pkg/cmd/search/code/code.go +++ b/pkg/cmd/search/code/code.go @@ -47,8 +47,7 @@ func NewCmdCode(f *cmdutil.Factory, runF func(*CodeOptions) error) *cobra.Comman The results might not match what is seen on %[1]sgithub.com%[1]s, and new features like regex search are not yet available via the GitHub API. - Note: When using GitHub search syntax to exclude results (e.g. '-language:xml'), you must use - a '--' delimiter before the search query to separate it from command flags. + For more information on handling search queries containing a hyphen, run %[1]sgh help search-syntax%[1]s. `, "`"), Example: heredoc.Doc(` # Search code matching "react" and "lifecycle" diff --git a/pkg/cmd/search/commits/commits.go b/pkg/cmd/search/commits/commits.go index 161ecc6a93c..ed5d1f758cb 100644 --- a/pkg/cmd/search/commits/commits.go +++ b/pkg/cmd/search/commits/commits.go @@ -37,7 +37,7 @@ func NewCmdCommits(f *cmdutil.Factory, runF func(*CommitsOptions) error) *cobra. cmd := &cobra.Command{ Use: "commits []", Short: "Search for commits", - Long: heredoc.Doc(` + Long: heredoc.Docf(` Search for commits on GitHub. The command supports constructing queries using the GitHub search syntax, @@ -46,9 +46,8 @@ func NewCmdCommits(f *cmdutil.Factory, runF func(*CommitsOptions) error) *cobra. GitHub search syntax is documented at: - Note: When using GitHub search syntax to exclude results (e.g. '-user:monalisa'), you must use - a '--' delimiter before the search query to separate it from command flags. - `), + For more information on handling search queries containing a hyphen, run %[1]sgh help search-syntax%[1]s. + `, "`"), Example: heredoc.Doc(` # Search commits matching set of keywords "readme" and "typo" $ gh search commits readme typo diff --git a/pkg/cmd/search/issues/issues.go b/pkg/cmd/search/issues/issues.go index af6e9d64c83..0edca4b31f5 100644 --- a/pkg/cmd/search/issues/issues.go +++ b/pkg/cmd/search/issues/issues.go @@ -26,7 +26,7 @@ func NewCmdIssues(f *cmdutil.Factory, runF func(*shared.IssuesOptions) error) *c cmd := &cobra.Command{ Use: "issues []", Short: "Search for issues", - Long: heredoc.Doc(` + Long: heredoc.Docf(` Search for issues on GitHub. The command supports constructing queries using the GitHub search syntax, @@ -35,9 +35,8 @@ func NewCmdIssues(f *cmdutil.Factory, runF func(*shared.IssuesOptions) error) *c GitHub search syntax is documented at: - Note: When using GitHub search syntax to exclude results (e.g. '-label:bug'), you must use - a '--' delimiter before the search query to separate it from command flags. - `), + For more information on handling search queries containing a hyphen, run %[1]sgh help search-syntax%[1]s. + `, "`"), Example: heredoc.Doc(` # Search issues matching set of keywords "readme" and "typo" $ gh search issues readme typo diff --git a/pkg/cmd/search/prs/prs.go b/pkg/cmd/search/prs/prs.go index b268ea3e5ce..39203f5fbc8 100644 --- a/pkg/cmd/search/prs/prs.go +++ b/pkg/cmd/search/prs/prs.go @@ -28,7 +28,7 @@ func NewCmdPrs(f *cmdutil.Factory, runF func(*shared.IssuesOptions) error) *cobr cmd := &cobra.Command{ Use: "prs []", Short: "Search for pull requests", - Long: heredoc.Doc(` + Long: heredoc.Docf(` Search for pull requests on GitHub. The command supports constructing queries using the GitHub search syntax, @@ -37,9 +37,8 @@ func NewCmdPrs(f *cmdutil.Factory, runF func(*shared.IssuesOptions) error) *cobr GitHub search syntax is documented at: - Note: When using GitHub search syntax to exclude results (e.g. '-label:bug'), you must use - a '--' delimiter before the search query to separate it from command flags. - `), + For more information on handling search queries containing a hyphen, run %[1]sgh help search-syntax%[1]s. + `, "`"), Example: heredoc.Doc(` # Search pull requests matching set of keywords "fix" and "bug" $ gh search prs fix bug diff --git a/pkg/cmd/search/repos/repos.go b/pkg/cmd/search/repos/repos.go index 733d7b7c467..a7116dd5885 100644 --- a/pkg/cmd/search/repos/repos.go +++ b/pkg/cmd/search/repos/repos.go @@ -38,7 +38,7 @@ func NewCmdRepos(f *cmdutil.Factory, runF func(*ReposOptions) error) *cobra.Comm cmd := &cobra.Command{ Use: "repos []", Short: "Search for repositories", - Long: heredoc.Doc(` + Long: heredoc.Docf(` Search for repositories on GitHub. The command supports constructing queries using the GitHub search syntax, @@ -47,9 +47,8 @@ func NewCmdRepos(f *cmdutil.Factory, runF func(*ReposOptions) error) *cobra.Comm GitHub search syntax is documented at: - Note: When using GitHub search syntax to exclude results (e.g. '-topic:linux'), you must use - a '--' delimiter before the search query to separate it from command flags. - `), + For more information on handling search queries containing a hyphen, run %[1]sgh help search-syntax%[1]s. + `, "`"), Example: heredoc.Doc(` # Search repositories matching set of keywords "cli" and "shell" $ gh search repos cli shell From 73f6acc709e18d823fcb91df73de3932e75792f7 Mon Sep 17 00:00:00 2001 From: Sukh Date: Fri, 25 Jul 2025 19:56:39 -0400 Subject: [PATCH 06/52] docs(help): rename `search-syntax` help topic --- pkg/cmd/root/help_topic.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/cmd/root/help_topic.go b/pkg/cmd/root/help_topic.go index 6ea626e0673..322bc4f775c 100644 --- a/pkg/cmd/root/help_topic.go +++ b/pkg/cmd/root/help_topic.go @@ -305,7 +305,7 @@ var HelpTopics = []helpTopic{ `), }, { - name: "search", + name: "search-syntax", short: "Search syntax for gh commands", long: heredoc.Docf(` Excluding search results that match a qualifier From 65c7ebc79eec996dfa29f02bc5ebe6cf20600b71 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Mon, 28 Jul 2025 17:16:56 -0400 Subject: [PATCH 07/52] v1 project feature detection spike using version These changes are demonstrating how `gh` commands that support v1 classic projects can determine if support exists by checking the GHES server version. --- .../featuredetection/feature_detection.go | 28 ++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/internal/featuredetection/feature_detection.go b/internal/featuredetection/feature_detection.go index a2f34a60bec..702b9619fd9 100644 --- a/internal/featuredetection/feature_detection.go +++ b/internal/featuredetection/feature_detection.go @@ -5,6 +5,7 @@ import ( "github.com/cli/cli/v2/api" "github.com/cli/cli/v2/internal/gh" + "github.com/hashicorp/go-version" "golang.org/x/sync/errgroup" ghauth "github.com/cli/go-gh/v2/pkg/auth" @@ -205,12 +206,37 @@ func (d *detector) RepositoryFeatures() (RepositoryFeatures, error) { return features, nil } +const ( + enterpriseProjectsV1Removed = "3.17.0" +) + func (d *detector) ProjectsV1() gh.ProjectsV1Support { // Currently, projects v1 support is entirely dependent on the host. As this is deprecated in GHES, // we will do feature detection on whether the GHES version has support. - if ghauth.IsEnterprise(d.host) { + if !ghauth.IsEnterprise(d.host) { + return gh.ProjectsV1Unsupported + } + + hostVersion, hostVersionErr := resolveEnterpriseVersion(d.httpClient, d.host) + v1ProjectCutoffVersion, v1ProjectCutoffVersionErr := version.NewVersion(enterpriseProjectsV1Removed) + + if hostVersionErr == nil && v1ProjectCutoffVersionErr == nil && hostVersion.LessThan(v1ProjectCutoffVersion) { return gh.ProjectsV1Supported } return gh.ProjectsV1Unsupported } + +func resolveEnterpriseVersion(httpClient *http.Client, host string) (*version.Version, error) { + var metaResponse struct { + InstalledVersion string `json:"installed_version"` + } + + apiClient := api.NewClientFromHTTP(httpClient) + err := apiClient.REST(host, "GET", "meta", nil, &metaResponse) + if err != nil { + return nil, err + } + + return version.NewVersion(metaResponse.InstalledVersion) +} From 3d5675f5f71d8b32ec9e650d28caec01ff25a19f Mon Sep 17 00:00:00 2001 From: "Babak K. Shandiz" Date: Thu, 31 Jul 2025 15:24:08 +0100 Subject: [PATCH 08/52] Improve spam detection evals (#11419) * ci: improve spam detection evals Signed-off-by: Babak K. Shandiz * ci: make test case names consistent Signed-off-by: Babak K. Shandiz * ci: remove ill-indented/redundant test case Signed-off-by: Babak K. Shandiz --------- Signed-off-by: Babak K. Shandiz --- .../scripts/spam-detection/eval-prompts.yml | 251 +++++++----------- 1 file changed, 100 insertions(+), 151 deletions(-) diff --git a/.github/workflows/scripts/spam-detection/eval-prompts.yml b/.github/workflows/scripts/spam-detection/eval-prompts.yml index be7efddfcb7..15c61ff76f3 100644 --- a/.github/workflows/scripts/spam-detection/eval-prompts.yml +++ b/.github/workflows/scripts/spam-detection/eval-prompts.yml @@ -10,126 +10,6 @@ evaluators: string: equals: "{{expected}}" testData: - - name: not-spam, staff issue - expected: PASS - input: | - - Automatically update third party licenses during Dependabot PRs - - - - ## Overview - - With `cli/cli` lint process erring if 3rd party license information is not updated in https://github.com/cli/cli/pull/11047, Dependabot PRs will require maintainers to manually run `make licenses`. - - Recently, @williammartin opened https://github.com/cli/cli/pull/11269 with the [`script/fix-dependabot-licenses.sh`](https://github.com/cli/cli/blob/26d70bfb7bcc0b41dbdd50bfc51f827f1a5ad4c4/script/fix-dependabot-licenses.sh) script for maintainers to run that will find all Dependabot PRs and attempt to fix them where the lint workflow failed. This script is a manual repair effort, however it is possible to [use a GitHub Actions workflow to run the `make license` script for Dependabot PRs](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions): - - > ```yaml - > name: Dependabot fetch metadata - > on: pull_request - > - > permissions: - > pull-requests: write - > issues: write - > - > jobs: - > dependabot: - > runs-on: ubuntu-latest - > if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'owner/my_repo' - > steps: - > - name: Dependabot metadata - > id: metadata - > uses: dependabot/fetch-metadata@d7267f607e9d3fb96fc2fbe83e0af444713e90b7 - > with: - > github-token: "${{ secrets.GITHUB_TOKEN }}" - > # The following properties are now available: - > # - steps.metadata.outputs.dependency-names - > # - steps.metadata.outputs.dependency-type - > # - steps.metadata.outputs.update-type - > ``` - - This issue is aimed at implementing GitHub Actions workflow changes that will automatically update `third-party` license source code and `third-party-*.md` reports, eliminating the need for maintainers to manually repair Dependabot PRs. - - > [!NOTE] - > To download the `script/fix-dependabot-licenses.sh` script, run the following command: - > ```shell - > curl -o fix-dependabot-licenses.sh https://raw.githubusercontent.com/cli/cli/26d70bfb7bcc0b41dbdd50bfc51f827f1a5ad4c4/script/fix-dependabot-licenses.sh - > ``` - > - > Or checkout the original PR: - > - > ```shell - > gh pr checkout https://github.com/cli/cli/pull/11269 - > ``` - - ## Expected outcomes - - - When Dependabot PRs are opened, automation attempts to regenerate and commit updated license information via `make licenses` - - When Dependabot PRs are updated, status checks pass without maintainer action outside of reviewing PR - - name: not-spam, template-based - spam: true - title: | - Incorrect check summary with v2.45 and v2.75 - body: | - ### Describe the bug - - I got below confusing reports with v2.45 CLI on Ubuntu 22.04: - - ```sh - $ gh pr status - - Relevant pull requests in micropython/micropython - ... - Created by you - #17660 tests/extmod: Close UDP timely. [yf13:pull-udp-close] - ✓ Checks passing - #17638 unix/make: Drop i686-linux-gnu path. [yf13:pull-drop-i686-linux-gnu] - × 1/94 checks failing - $ gh pr checks 17638 - All checks were successful - 0 cancelled, 0 failing, 48 successful, 0 skipped, and 0 pending checks - ``` - I downloaded latest v2.75 CLI but it is the same. - - Meanwhile. from browser UI it seems checks passed. - - ### Affected version - - Please run `gh version` and paste the output below. - - ``` - $ gh version - gh version 2.75.0 (2025-07-09) - https://github.com/cli/cli/releases/tag/v2.75.0 - ``` - - ### Steps to reproduce the behavior - - see above descriptions. - - ### Expected vs actual behavior - - A clear and concise description of what you expected to happen and what actually happened. - - ### Logs - - Paste the activity from your command line. Redact if needed. - - - - - - name: not-spam, short/focused - expected: PASS - input: | - - Include `isImmutable` in `release list` - - - - Update the list of available JSON fields in the `release list` command to include `isImmutable` flag. - - This boolean flag indicates whether a particular release has been marked as immutable. - - name: spam, two words expected: FAIL input: | @@ -295,34 +175,6 @@ testData: Add any other context like screenshots or mockups are helpful, if applicable. - - name: 'spam, legit but too general #10368 (https://github.com/cli/cli/issues/10368)' - expected: FAIL - input: |- - - Instructions in install_linux.md do not result in installation - - - - ### Describe the bug - - Bug: the instructions meant to install gh instead don't install gh. - - ### Affected version - - Latest - - ### Steps to reproduce the behavior - - Follow instructions in install_linux.md - - ### Expected vs actual behavior - - Expect: gh is installed and can be used. - - ### Logs - - A bunch of errors - - name: 'spam, #11304 (https://github.com/cli/cli/issues/11304)' expected: FAIL input: |- @@ -820,6 +672,106 @@ testData: - name: 'spam, #9928 (https://github.com/cli/cli/issues/9928)' expected: FAIL input: "\nNote that an earlier version of the instructions used the location `/usr/share/keyrings` instead of `/etc/apt/keyrings` in the `sources.list.d` file, so I had to update that to make it work with the above update instructions, and remove the old keyring file from `/usr/share/keyrings`.\n\n\n\n Note that an earlier version of the instructions used the location `/usr/share/keyrings` instead of `/etc/apt/keyrings` in the `sources.list.d` file, so I had to update that to make it work with the above update instructions, and remove the old keyring file from `/usr/share/keyrings`.\r\n\r\nAlternatively, one could of course download the updated key to `/usr/share/keyrings`, but we don't really want to pollute `/usr` with non-packaged files!\r\n\r\n_Originally posted by @rrthomas in https://github.com/cli/cli/issues/9569#issuecomment-2333981674_\r\n \n" + - name: 'spam, #10075 (https://github.com/cli/cli/issues/10075)' + expected: FAIL + input: "\nRHEL 9 installation update\n\n\n\n### Describe the bug\r\n\r\nsteps to install on RHEL9 \r\n\r\n### Steps to reproduce the behavior\r\n\r\n\r\n### Expected vs actual behavior\r\n\r\n```\r\nsudo dnf install dnf-plugins-core.noarch\r\nsudo dnf config-manager --add-repo https://cli.github.com/packages/rpm/gh-cli.repo\r\nsudo dnf install gh --repo gh-cli\r\n```\n" + - name: not spam, staff issue + expected: PASS + input: | + + Automatically update third party licenses during Dependabot PRs + + + + ## Overview + + With `cli/cli` lint process erring if 3rd party license information is not updated in https://github.com/cli/cli/pull/11047, Dependabot PRs will require maintainers to manually run `make licenses`. + + Recently, @williammartin opened https://github.com/cli/cli/pull/11269 with the [`script/fix-dependabot-licenses.sh`](https://github.com/cli/cli/blob/26d70bfb7bcc0b41dbdd50bfc51f827f1a5ad4c4/script/fix-dependabot-licenses.sh) script for maintainers to run that will find all Dependabot PRs and attempt to fix them where the lint workflow failed. This script is a manual repair effort, however it is possible to [use a GitHub Actions workflow to run the `make license` script for Dependabot PRs](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions): + + > ```yaml + > name: Dependabot fetch metadata + > on: pull_request + > + > permissions: + > pull-requests: write + > issues: write + > + > jobs: + > dependabot: + > runs-on: ubuntu-latest + > if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'owner/my_repo' + > steps: + > - name: Dependabot metadata + > id: metadata + > uses: dependabot/fetch-metadata@d7267f607e9d3fb96fc2fbe83e0af444713e90b7 + > with: + > github-token: "${{ secrets.GITHUB_TOKEN }}" + > # The following properties are now available: + > # - steps.metadata.outputs.dependency-names + > # - steps.metadata.outputs.dependency-type + > # - steps.metadata.outputs.update-type + > ``` + + This issue is aimed at implementing GitHub Actions workflow changes that will automatically update `third-party` license source code and `third-party-*.md` reports, eliminating the need for maintainers to manually repair Dependabot PRs. + + > [!NOTE] + > To download the `script/fix-dependabot-licenses.sh` script, run the following command: + > ```shell + > curl -o fix-dependabot-licenses.sh https://raw.githubusercontent.com/cli/cli/26d70bfb7bcc0b41dbdd50bfc51f827f1a5ad4c4/script/fix-dependabot-licenses.sh + > ``` + > + > Or checkout the original PR: + > + > ```shell + > gh pr checkout https://github.com/cli/cli/pull/11269 + > ``` + + ## Expected outcomes + + - When Dependabot PRs are opened, automation attempts to regenerate and commit updated license information via `make licenses` + - When Dependabot PRs are updated, status checks pass without maintainer action outside of reviewing PR + + - name: not spam, short/focused + expected: PASS + input: | + + Include `isImmutable` in `release list` + + + + Update the list of available JSON fields in the `release list` command to include `isImmutable` flag. + + This boolean flag indicates whether a particular release has been marked as immutable. + + - name: 'not spam, legit but too general #10368 (https://github.com/cli/cli/issues/10368)' + expected: PASS + input: |- + + Instructions in install_linux.md do not result in installation + + + + ### Describe the bug + + Bug: the instructions meant to install gh instead don't install gh. + + ### Affected version + + Latest + + ### Steps to reproduce the behavior + + Follow instructions in install_linux.md + + ### Expected vs actual behavior + + Expect: gh is installed and can be used. + + ### Logs + + A bunch of errors + - name: 'not spam, #11277 (https://github.com/cli/cli/issues/11277)' expected: PASS input: |- @@ -4482,9 +4434,6 @@ testData: - name: 'not spam, #10076 (https://github.com/cli/cli/issues/10076)' expected: PASS input: "\n`gh run list` does not work with organization ruleset required workflows\n\n\n\n### Describe the bug\r\n\r\nSimilar bug mentioned https://github.com/cli/cli/issues/3437, but gh run view or list all return a 404. The URL returned seems right based on REST api docs but not getting any response. When comparing the ID `gh run list` doesn't seem to be correct based on the ids from `gh workflow list`\r\n\r\n**gh cli version:** `gh version 2.63.2 (2024-12-05)`\r\n**ghe version:** `3.13.4`\r\n\r\n### Steps to reproduce the behavior\r\n\r\n1. Complete login to the enterprise server with Github CLI\r\n2. Go to a repository directory that uses that server as a remote\r\n3. Run gh run list returns 404\r\n\r\n### Expected vs actual behavior\r\n\r\nThe gh run list prints out list of workflow runs for the repo to choose from\r\n\r\n### Logs\r\n\r\n```bash\r\n[git remote -v]\r\n[git config --get-regexp ^remote\\..*\\.gh-resolved$]\r\n* Request at 2024-12-13 00:23:19.723417 -0600 CST m=+0.101249251\r\n* Request to https://{SERVER_URL}/api/graphql\r\n* Request took 281.385ms\r\n⣾* Request at 2024-12-13 00:23:20.040818 -0600 CST m=+0.418510918\r\n* Request to https://{SERVER_URL}/api/v3/repos/{ORG}/{REPO}/actions/runs?per_page=20&exclude_pull_requests=true\r\n⢿* Request took 421.362291ms\r\n⡿* Request at 2024-12-13 00:23:20.534045 -0600 CST m=+0.911535293\r\n* Request to https://{SERVER_URL}/api/v3/repos/{ORG}/{REPO}/actions/workflows?per_page=100&page=1\r\n⣟* Request took 105.218541ms\r\n* Request at 2024-12-13 00:23:20.700194 -0600 CST m=+1.077616418\r\n* Request to https://{SERVER_URL}/api/v3/repos/{ORG}/{REPO}/actions/workflows/63737\r\n⣯* Request took 121.476458ms\r\nfailed to get runs: HTTP 404: Not Found (https://{SERVER_URL}/api/v3/repos/{ORG}/{REPO}/actions/workflows/63737)\r\n```\r\n" - - name: 'not spam, #10075 (https://github.com/cli/cli/issues/10075)' - expected: PASS - input: "\nRHEL 9 installation update\n\n\n\n### Describe the bug\r\n\r\nsteps to install on RHEL9 \r\n\r\n### Steps to reproduce the behavior\r\n\r\n\r\n### Expected vs actual behavior\r\n\r\n```\r\nsudo dnf install dnf-plugins-core.noarch\r\nsudo dnf config-manager --add-repo https://cli.github.com/packages/rpm/gh-cli.repo\r\nsudo dnf install gh --repo gh-cli\r\n```\n" - name: 'not spam, #10073 (https://github.com/cli/cli/issues/10073)' expected: PASS input: "\n`gh gist delete` does not prompt for a gist to delete or prompt for confirmation before deletion\n\n\n\n### Describe the bug\n\n- `gh gist delete` doesn't prompt for a gist to delete. This seems like it might be an oversight when compared to the behavior of other `gh gist` and `gh delete` operations.\n- `gh gist delete` should prompt for a gist to delete and confirm the selection to delete.\n- `gh gist delete` also does not currently support `--yes` for non-interactive confirmation - perhaps it should? \n\n### Steps to reproduce the behavior\n\n```\ngh gist delete\n```\n### Expected vs actual behavior\n\n**Expected**\n\n```\n❯ gh gist delete\n? Select a gist to delete [Use arrows to move, type to filter]\n> test.md test gist about 4 days ago\n draft.md about 2 months ago\n? Are you sure you want to delete gist test.md (Y/n)\n```\n\n**Actual**\n```\ngh gist delete\n❯ gh gist delete\ncannot delete: gist argument required\n\nUsage: gh gist delete { | } [flags]\n```\n\n### Notes\n\nDiscovered in #10042 \n" From f1996cd57165c72bba6f5534ffd9f31c6b6ea12a Mon Sep 17 00:00:00 2001 From: "Babak K. Shandiz" Date: Thu, 31 Jul 2025 15:29:54 +0100 Subject: [PATCH 09/52] ci: anchor regexp for `help wanted` label Signed-off-by: Babak K. Shandiz --- .github/workflows/scripts/check-help-wanted.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scripts/check-help-wanted.sh b/.github/workflows/scripts/check-help-wanted.sh index 75462ddb963..dd58586ddfa 100755 --- a/.github/workflows/scripts/check-help-wanted.sh +++ b/.github/workflows/scripts/check-help-wanted.sh @@ -56,7 +56,7 @@ for issue_num in $CLOSING_ISSUES; do fi # Check if 'help wanted' label exists - if ! echo "$LABELS" | grep -q "help wanted"; then + if ! echo "$LABELS" | grep -qE '^help wanted$'; then ISSUES_WITHOUT_HELP_WANTED+=("$issue_num") echo "Issue #$issue_num does not have 'help wanted' label" else From be67a350b88a72953cdf55955933abf17f54ea56 Mon Sep 17 00:00:00 2001 From: "Babak K. Shandiz" Date: Thu, 31 Jul 2025 15:34:06 +0100 Subject: [PATCH 10/52] ci: use `help wanted` label link in comment Signed-off-by: Babak K. Shandiz --- .github/workflows/scripts/check-help-wanted.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scripts/check-help-wanted.sh b/.github/workflows/scripts/check-help-wanted.sh index dd58586ddfa..d713be14440 100755 --- a/.github/workflows/scripts/check-help-wanted.sh +++ b/.github/workflows/scripts/check-help-wanted.sh @@ -78,7 +78,7 @@ if [ ${#ISSUES_WITHOUT_HELP_WANTED[@]} -gt 0 ]; then gh pr comment "$PR_URL" --body-file - < Date: Fri, 1 Aug 2025 15:36:55 -0400 Subject: [PATCH 11/52] Update permissions and events for workflow This commit makes a few notable changes: 1. Use the GitHub Actions automatic token for committing changes 2. Include workflow file in paths to trigger workflow 3. Checkout the default branch explicitly --- .github/workflows/third-party-licenses.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/third-party-licenses.yml b/.github/workflows/third-party-licenses.yml index b9d29e9dcfd..3cdc5858e1d 100644 --- a/.github/workflows/third-party-licenses.yml +++ b/.github/workflows/third-party-licenses.yml @@ -4,10 +4,11 @@ on: branches: - trunk paths: + - .github/licenses.tmpl + - .github/workflows/third-party-licenses.yml - go.mod - go.sum - - ".github/licenses.tmpl" - - "script/licenses*" + - script/licenses* jobs: # This job is responsible for updating the third-party license reports and source code. # It should be safe to cancel as the latest version of `go.mod` should be checked in. @@ -16,11 +17,13 @@ jobs: concurrency: group: ${{ github.workflow }} cancel-in-progress: true + permissions: + contents: write steps: - name: Check out code uses: actions/checkout@v4 with: - token: ${{ secrets.AUTOMATION_TOKEN }} + ref: trunk - name: Set up Go uses: actions/setup-go@v5 From 60fdb7ec2bd546040e0864e57bfbc0a4b2c4bdb8 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Fri, 1 Aug 2025 16:50:55 -0400 Subject: [PATCH 12/52] Update spam detection to comment on and close issue Fixes #11408 These changes enhance the GitHub CLI spam detection logic to automatically comment on and close suspected spam based on the past weeks of usage. Additionally, there were a few minor enhancements to the script, allowing it to be executed from anywhere rather than the root of the local repository. --- .../scripts/spam-detection/process-issue.sh | 22 ++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/.github/workflows/scripts/spam-detection/process-issue.sh b/.github/workflows/scripts/spam-detection/process-issue.sh index f65cb47e8d7..d9aff160fdd 100755 --- a/.github/workflows/scripts/spam-detection/process-issue.sh +++ b/.github/workflows/scripts/spam-detection/process-issue.sh @@ -9,16 +9,17 @@ set -euo pipefail +# Determine absolute path to script directory based on where it is called from. +# This allows the script to be run from any directory. +SPAM_DIR="$(dirname "$(realpath "$0")")" + _issue_url="$1" if [[ -z "$_issue_url" ]]; then echo "error: issue URL is empty" >&2 exit 1 fi -_suspected_spam_label="suspected-spam" -_check_issue_script=".github/workflows/scripts/spam-detection/check-issue.sh" - -_result="$($_check_issue_script "$_issue_url")" +_result="$("$SPAM_DIR/check-issue.sh" "$_issue_url")" if [[ "$_result" == "PASS" ]]; then echo "detected as not-spam: $_issue_url" @@ -27,6 +28,17 @@ fi echo "detected as spam: $_issue_url" -gh issue edit --add-label "$_suspected_spam_label" "$_issue_url" +cat << EOF | gh issue comment "$_issue_url" --body-file - +Thank you for taking the time to create this issue. + +We've automatically reviewed this issue and suspect it as potentially inauthentic or spam-like content. As a result, we're closing this issue. + +**If this was closed by mistake**, please don't hesitate to reach out to us by commenting on this issue with additional context. + +We appreciate your understanding and apologize if this action was taken in error. Our automated systems help us manage the large volume of issues we receive, but we know they're not perfect. +EOF + +gh issue edit --add-label "suspected-spam" --add-label "invalid" "$_issue_url" +gh issue close "$_issue_url" echo "issue labelled as suspected spam" From 6e400eb4a19e77f9d810ca73f679cac37c56df36 Mon Sep 17 00:00:00 2001 From: Sukh Date: Sat, 2 Aug 2025 03:01:40 -0400 Subject: [PATCH 13/52] docs(search): move search syntax note to `gh search --help` --- pkg/cmd/root/help_topic.go | 29 ----------------------------- pkg/cmd/search/code/code.go | 2 +- pkg/cmd/search/commits/commits.go | 2 +- pkg/cmd/search/issues/issues.go | 2 +- pkg/cmd/search/prs/prs.go | 2 +- pkg/cmd/search/repos/repos.go | 2 +- pkg/cmd/search/search.go | 29 ++++++++++++++++++++++++++++- 7 files changed, 33 insertions(+), 35 deletions(-) diff --git a/pkg/cmd/root/help_topic.go b/pkg/cmd/root/help_topic.go index 322bc4f775c..a375d9e2050 100644 --- a/pkg/cmd/root/help_topic.go +++ b/pkg/cmd/root/help_topic.go @@ -304,35 +304,6 @@ var HelpTopics = []helpTopic{ control some behavior. `), }, - { - name: "search-syntax", - short: "Search syntax for gh commands", - long: heredoc.Docf(` - Excluding search results that match a qualifier - - In a browser, the GitHub search syntax supports excluding results that match a search qualifier - by prefixing the qualifier with a hyphen. For example, to search for issues that - do not have the label "bug", you would use %[1]s-label:bug%[1]s as a search qualifier. - - %[1]sgh%[1]s supports this syntax in %[1]sgh search%[1]s as well, but it requires extra - syntax to avoid the hyphen being interpreted as a command line flag because it begins with a hyphen. - - On Unix-like systems, you can use the %[1]s--%[1]s argument to indicate that - the arguments that follow are not a flag, but rather a query string. For example: - - $ gh search issues -- "my-search-query -label:bug" - - On PowerShell, you must use both the %[1]s--%[2]s%[1]s argument and the %[1]s--%[1]s argument to - produce the same effect. For example: - - $ gh --%[2]s search issues -- "my search query -label:bug" - - See the following for more information: - - GitHub search syntax: - - The PowerShell stop parse flag %[1]s--%[2]s%[1]s: - - The Unix-like %[1]s--%[1]s argument: - `, "`", "%"), - }, } func NewCmdHelpTopic(ios *iostreams.IOStreams, ht helpTopic) *cobra.Command { diff --git a/pkg/cmd/search/code/code.go b/pkg/cmd/search/code/code.go index 5e80c1017f2..7ef2a4193f0 100644 --- a/pkg/cmd/search/code/code.go +++ b/pkg/cmd/search/code/code.go @@ -47,7 +47,7 @@ func NewCmdCode(f *cmdutil.Factory, runF func(*CodeOptions) error) *cobra.Comman The results might not match what is seen on %[1]sgithub.com%[1]s, and new features like regex search are not yet available via the GitHub API. - For more information on handling search queries containing a hyphen, run %[1]sgh help search-syntax%[1]s. + For more information on handling search queries containing a hyphen, run %[1]sgh search --help%[1]s. `, "`"), Example: heredoc.Doc(` # Search code matching "react" and "lifecycle" diff --git a/pkg/cmd/search/commits/commits.go b/pkg/cmd/search/commits/commits.go index ed5d1f758cb..939109b65de 100644 --- a/pkg/cmd/search/commits/commits.go +++ b/pkg/cmd/search/commits/commits.go @@ -46,7 +46,7 @@ func NewCmdCommits(f *cmdutil.Factory, runF func(*CommitsOptions) error) *cobra. GitHub search syntax is documented at: - For more information on handling search queries containing a hyphen, run %[1]sgh help search-syntax%[1]s. + For more information on handling search queries containing a hyphen, run %[1]sgh search --help%[1]s. `, "`"), Example: heredoc.Doc(` # Search commits matching set of keywords "readme" and "typo" diff --git a/pkg/cmd/search/issues/issues.go b/pkg/cmd/search/issues/issues.go index 0edca4b31f5..1d6ec6428c3 100644 --- a/pkg/cmd/search/issues/issues.go +++ b/pkg/cmd/search/issues/issues.go @@ -35,7 +35,7 @@ func NewCmdIssues(f *cmdutil.Factory, runF func(*shared.IssuesOptions) error) *c GitHub search syntax is documented at: - For more information on handling search queries containing a hyphen, run %[1]sgh help search-syntax%[1]s. + For more information on handling search queries containing a hyphen, run %[1]sgh search --help%[1]s. `, "`"), Example: heredoc.Doc(` # Search issues matching set of keywords "readme" and "typo" diff --git a/pkg/cmd/search/prs/prs.go b/pkg/cmd/search/prs/prs.go index 39203f5fbc8..98ab730b595 100644 --- a/pkg/cmd/search/prs/prs.go +++ b/pkg/cmd/search/prs/prs.go @@ -37,7 +37,7 @@ func NewCmdPrs(f *cmdutil.Factory, runF func(*shared.IssuesOptions) error) *cobr GitHub search syntax is documented at: - For more information on handling search queries containing a hyphen, run %[1]sgh help search-syntax%[1]s. + For more information on handling search queries containing a hyphen, run %[1]sgh search --help%[1]s. `, "`"), Example: heredoc.Doc(` # Search pull requests matching set of keywords "fix" and "bug" diff --git a/pkg/cmd/search/repos/repos.go b/pkg/cmd/search/repos/repos.go index a7116dd5885..0a4275a87ca 100644 --- a/pkg/cmd/search/repos/repos.go +++ b/pkg/cmd/search/repos/repos.go @@ -47,7 +47,7 @@ func NewCmdRepos(f *cmdutil.Factory, runF func(*ReposOptions) error) *cobra.Comm GitHub search syntax is documented at: - For more information on handling search queries containing a hyphen, run %[1]sgh help search-syntax%[1]s. + For more information on handling search queries containing a hyphen, run %[1]sgh search --help%[1]s. `, "`"), Example: heredoc.Doc(` # Search repositories matching set of keywords "cli" and "shell" diff --git a/pkg/cmd/search/search.go b/pkg/cmd/search/search.go index e8714065bab..e79e1ec4c36 100644 --- a/pkg/cmd/search/search.go +++ b/pkg/cmd/search/search.go @@ -3,6 +3,7 @@ package search import ( "github.com/cli/cli/v2/pkg/cmdutil" "github.com/spf13/cobra" + "github.com/MakeNowJust/heredoc" searchCodeCmd "github.com/cli/cli/v2/pkg/cmd/search/code" searchCommitsCmd "github.com/cli/cli/v2/pkg/cmd/search/commits" @@ -15,7 +16,33 @@ func NewCmdSearch(f *cmdutil.Factory) *cobra.Command { cmd := &cobra.Command{ Use: "search ", Short: "Search for repositories, issues, and pull requests", - Long: "Search across all of GitHub.", + Long: heredoc.Docf(` + Search across all of GitHub. + + Excluding search results that match a qualifier + + In a browser, the GitHub search syntax supports excluding results that match a search qualifier + by prefixing the qualifier with a hyphen. For example, to search for issues that + do not have the label "bug", you would use %[1]s-label:bug%[1]s as a search qualifier. + + %[1]sgh%[1]s supports this syntax in %[1]sgh search%[1]s as well, but it requires extra + syntax to avoid the hyphen being interpreted as a command line flag because it begins with a hyphen. + + On Unix-like systems, you can use the %[1]s--%[1]s argument to indicate that + the arguments that follow are not a flag, but rather a query string. For example: + + $ gh search issues -- "my-search-query -label:bug" + + On PowerShell, you must use both the %[1]s--%[2]s%[1]s argument and the %[1]s--%[1]s argument to + produce the same effect. For example: + + $ gh --%[2]s search issues -- "my search query -label:bug" + + See the following for more information: + - GitHub search syntax: + - The PowerShell stop parse flag %[1]s--%[2]s%[1]s: + - The Unix-like %[1]s--%[1]s argument: + `, "`", "%"), } cmd.AddCommand(searchCodeCmd.NewCmdCode(f, nil)) From 1e69d8a1a0676b4dbf9b2aba67fed7a53054cd0b Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Mon, 4 Aug 2025 08:30:04 -0400 Subject: [PATCH 14/52] Update .github/workflows/scripts/spam-detection/process-issue.sh Co-authored-by: Babak K. Shandiz --- .github/workflows/scripts/spam-detection/process-issue.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scripts/spam-detection/process-issue.sh b/.github/workflows/scripts/spam-detection/process-issue.sh index d9aff160fdd..10e5a528de4 100755 --- a/.github/workflows/scripts/spam-detection/process-issue.sh +++ b/.github/workflows/scripts/spam-detection/process-issue.sh @@ -39,6 +39,6 @@ We appreciate your understanding and apologize if this action was taken in error EOF gh issue edit --add-label "suspected-spam" --add-label "invalid" "$_issue_url" -gh issue close "$_issue_url" +gh issue close --reason 'not planned' "$_issue_url" echo "issue labelled as suspected spam" From ccc1b4f8c7d8596fcb061d69322515e643cadb08 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Mon, 4 Aug 2025 08:30:16 -0400 Subject: [PATCH 15/52] Apply suggestion from @Copilot Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/scripts/spam-detection/process-issue.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scripts/spam-detection/process-issue.sh b/.github/workflows/scripts/spam-detection/process-issue.sh index 10e5a528de4..ed825435663 100755 --- a/.github/workflows/scripts/spam-detection/process-issue.sh +++ b/.github/workflows/scripts/spam-detection/process-issue.sh @@ -41,4 +41,4 @@ EOF gh issue edit --add-label "suspected-spam" --add-label "invalid" "$_issue_url" gh issue close --reason 'not planned' "$_issue_url" -echo "issue labelled as suspected spam" +echo "issue processed as suspected spam: commented, closed, and labeled" From 1beb8252a79aeda6ec9e0eb342631185e5d8b557 Mon Sep 17 00:00:00 2001 From: ejahnGithub Date: Mon, 4 Aug 2025 20:58:45 -0400 Subject: [PATCH 16/52] fix error for ErrReleaseNotFound when fetching ref --- pkg/cmd/release/shared/fetch.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkg/cmd/release/shared/fetch.go b/pkg/cmd/release/shared/fetch.go index d383d1d0fc1..f25c1780720 100644 --- a/pkg/cmd/release/shared/fetch.go +++ b/pkg/cmd/release/shared/fetch.go @@ -164,7 +164,8 @@ func FetchRefSHA(ctx context.Context, httpClient *http.Client, repo ghrepo.Inter } `json:"object"` } if err := json.NewDecoder(resp.Body).Decode(&ref); err != nil { - return "", err + // release not found + return "", ErrReleaseNotFound } return ref.Object.SHA, nil From 701b3d59f62db2a2f55f6a571c9649e138c77ce4 Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Tue, 5 Aug 2025 16:59:53 -0600 Subject: [PATCH 17/52] Update issue triage guidelines and label usage Clarifies the triage process for bugs, enhancements, and docs issues, including the responsibilities of the first responder (FR). Expands and reorganizes label definitions, adds new labels for investigation and team triage, and updates the pull request assignment process to be load balanced. Improves instructions for engaging with issues and managing labels. --- docs/triage.md | 50 +++++++++++++++++++++++++++++++++++++------------- 1 file changed, 37 insertions(+), 13 deletions(-) diff --git a/docs/triage.md b/docs/triage.md index 7f8bbbd7b07..4f055e76f89 100644 --- a/docs/triage.md +++ b/docs/triage.md @@ -6,10 +6,12 @@ As we get more issues and pull requests opened on the GitHub CLI, we've decided Review and label [open issues missing either the `enhancement`, `bug`, or `docs` label](https://github.com/cli/cli/issues?q=is%3Aopen+is%3Aissue+-label%3Abug%2Cenhancement%2Cdocs+) and the label(s) corresponding to the command space prefixed with `gh-`, such as `gh-pr` for the `gh pr` command set, or `gh-extension` for the `gh extension` command set. -Then, engage with the issue and community with the goal to remove the `needs-triage` label from the issue. The heuristics for triaging the different issue types are as follow: +The heuristics for triaging the different issue types are as follows: ### Bugs +For bugs, the FR should engage with the issue and community with the goal to remove the `needs-triage` label from the issue. + To be considered triaged, `bug` issues require the following: - A severity label `p1`, `p2`, and `p3` @@ -23,33 +25,55 @@ To be considered triaged, `bug` issues require the following: | `p2` | Affects more than a few users but doesn't prevent core functions | | `p3` | Affects a small number of users or is largely cosmetic | -### Enhancements +### Enhancements & Docs + +For `enhancement` issues, the FR's role is to prepare the issue for team review and triage. + +When a new issue is opened, the FR **should**: -To be considered triaged, `enhancement` issues require either +- Acknowledge the issue +- Assign themselves to the issue +- Ensure there is enough information to understand the enhancement's scope and value +- Ask the user for more information about value and use-case, if necessary +- Leave the `needs-triage` label on the issue +- Add the `needs-user-input` and `needs-investigation` labels as needed -- Clearly defined Acceptance Criteria as above -- The `needs-investigation` or `needs-design` label with a clearly defined set of open questions to be investigated. +When the FR has enough information to be triaged, they should: +- Remove the `needs-user-input` and `needs-investigation` labels +- Remove their assignment from the issue -### Docs +The FR should **avoid**: -To be considered triaged, `docs` issues require clearly defined Acceptance Criteria, as defined above +- Thoroughly investigating the enhancement's technical feasibility +- Prematurely accepting the enhancement request +- Removing the `needs-triage` label +- Labeling issues as `help wanted` -## Additional triaging processes and labels +## Additional triaging labels -Before removing the `needs-triage` label, consider adding any of the following labels below. +The FR can consider adding any of the following labels below. | Label | Description | | - | - | | `discuss` | Some issues require discussion with the internal team. Adding this label will automatically open up an internal discussion with the team to facilitate this discussion. | | `core` | Defines what we would like to do internally. We tend to lean towards `help wanted` by default, and adding `core` should be reserved for trickier issues or implementations we have strong opinions/preferences about. | -| `good first issue` | Used to denote when an issue may be a good candidate for a first-time contributor to the CLI. These are usually small and well defined issues. | -| `help wanted` | Defines what we feel the community could solve should they care to contribute, respectively. We tend to lean towards `help wanted` by default, and adding `core` should be reserved for trickier issues or implementations we have strong opinions/preferences about. | -| `invalid` | Added to spam and abusive issues. | | `needs-user-input` | After asking any contributors for more information, add this label so it is clear that the issue has been responded to and we are waiting on the user. | +| `needs-investigation` | Used when the issue requires further investigation before it can be reviewed and triaged. This is often used for issues that are not clearly bugs or enhancements, or when the FR needs to gather more information before proceeding. | +| `invalid` | Added to spam and abusive issues. | + +### Labels for team enhancement triaging + +The FR should **avoid** adding these labels outside of team enhancement triage. + +| Label | Description | +| - | - | +| `good first issue` | Used to denote when an issue may be a good candidate for a first-time contributor to the CLI. These are usually small and well defined issues. | +| `help wanted` | These issues are ready for community contribution. | +| `help wanted candidate` | Used to denote when an issue may be a good candidate for community contribution. Issues labelled this way are discussed internally and may be promoted to `help wanted`. | ## Expectations for community pull requests -All incoming pull requests are assigned to one of the engineers for review on a round-robin basis. +All incoming pull requests are assigned to one of the engineers for review on a load balanced basis. The person in a triage role for a week could take a glance at these pull requests, mostly to see whether the changeset is feasible and to allow the associated CI run for new contributors. From 7a60981ddece55f1631d302a814527676cd3571f Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Tue, 5 Aug 2025 17:18:56 -0600 Subject: [PATCH 18/52] Update docs/triage.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- docs/triage.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/triage.md b/docs/triage.md index 4f055e76f89..ce97e77f82f 100644 --- a/docs/triage.md +++ b/docs/triage.md @@ -25,7 +25,7 @@ To be considered triaged, `bug` issues require the following: | `p2` | Affects more than a few users but doesn't prevent core functions | | `p3` | Affects a small number of users or is largely cosmetic | -### Enhancements & Docs +### Enhancements and Docs For `enhancement` issues, the FR's role is to prepare the issue for team review and triage. From c69d11c3f4467011a263c3b434e79a20c49b41c4 Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Tue, 5 Aug 2025 17:19:05 -0600 Subject: [PATCH 19/52] Update docs/triage.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- docs/triage.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/triage.md b/docs/triage.md index ce97e77f82f..ea119994c40 100644 --- a/docs/triage.md +++ b/docs/triage.md @@ -73,7 +73,7 @@ The FR should **avoid** adding these labels outside of team enhancement triage. ## Expectations for community pull requests -All incoming pull requests are assigned to one of the engineers for review on a load balanced basis. +All incoming pull requests are assigned to one of the engineers for review on a load-balanced basis. The person in a triage role for a week could take a glance at these pull requests, mostly to see whether the changeset is feasible and to allow the associated CI run for new contributors. From ce527971d14906c7653db6f4be1dad654aee8759 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 6 Aug 2025 14:35:09 +0000 Subject: [PATCH 20/52] chore(deps): bump actions/download-artifact from 4 to 5 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4 to 5. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/deployment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml index 17758a3e616..29744553b49 100644 --- a/.github/workflows/deployment.yml +++ b/.github/workflows/deployment.yml @@ -256,7 +256,7 @@ jobs: - name: Checkout cli/cli uses: actions/checkout@v4 - name: Merge built artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 - name: Checkout documentation site uses: actions/checkout@v4 with: From 3d9bd69e11a5fc338ef9c84ff7caea3cf5193cb4 Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Wed, 6 Aug 2025 10:28:56 -0600 Subject: [PATCH 21/52] Update pkg/cmd/search/search.go --- pkg/cmd/search/search.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/cmd/search/search.go b/pkg/cmd/search/search.go index e79e1ec4c36..551faf1f279 100644 --- a/pkg/cmd/search/search.go +++ b/pkg/cmd/search/search.go @@ -26,7 +26,7 @@ func NewCmdSearch(f *cmdutil.Factory) *cobra.Command { do not have the label "bug", you would use %[1]s-label:bug%[1]s as a search qualifier. %[1]sgh%[1]s supports this syntax in %[1]sgh search%[1]s as well, but it requires extra - syntax to avoid the hyphen being interpreted as a command line flag because it begins with a hyphen. + command line arguments to avoid the hyphen being interpreted as a command line flag because it begins with a hyphen. On Unix-like systems, you can use the %[1]s--%[1]s argument to indicate that the arguments that follow are not a flag, but rather a query string. For example: From 4dde0871bd6cd5207e54fa6c9183d5d52f53e81e Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Wed, 6 Aug 2025 10:32:46 -0600 Subject: [PATCH 22/52] Fix linter --- pkg/cmd/search/search.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/cmd/search/search.go b/pkg/cmd/search/search.go index 551faf1f279..2f435f14dd5 100644 --- a/pkg/cmd/search/search.go +++ b/pkg/cmd/search/search.go @@ -1,9 +1,9 @@ package search import ( + "github.com/MakeNowJust/heredoc" "github.com/cli/cli/v2/pkg/cmdutil" "github.com/spf13/cobra" - "github.com/MakeNowJust/heredoc" searchCodeCmd "github.com/cli/cli/v2/pkg/cmd/search/code" searchCommitsCmd "github.com/cli/cli/v2/pkg/cmd/search/commits" @@ -16,7 +16,7 @@ func NewCmdSearch(f *cmdutil.Factory) *cobra.Command { cmd := &cobra.Command{ Use: "search ", Short: "Search for repositories, issues, and pull requests", - Long: heredoc.Docf(` + Long: heredoc.Docf(` Search across all of GitHub. Excluding search results that match a qualifier From f8de714c65cc6feebb608ab855b052cf4ef309da Mon Sep 17 00:00:00 2001 From: cli automation Date: Thu, 7 Aug 2025 03:32:50 +0000 Subject: [PATCH 23/52] Bump Go to 1.24.6 --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 7f0569303d0..d3125bcd232 100644 --- a/go.mod +++ b/go.mod @@ -2,7 +2,7 @@ module github.com/cli/cli/v2 go 1.24.0 -toolchain go1.24.5 +toolchain go1.24.6 require ( github.com/AlecAivazis/survey/v2 v2.3.7 From 762d1029fa1685e27187a7b4f66c37c2c18b2049 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Thu, 7 Aug 2025 09:24:17 -0400 Subject: [PATCH 24/52] Pushing empty commit to run CI From 60af6bcb4953495c5d9318c1f7083d57fc36ba8d Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Thu, 7 Aug 2025 20:15:46 -0400 Subject: [PATCH 25/52] Initial installation doc refactor These changes work to improve GitHub CLI users experience by bringing: - clarity between official and unofficial installation methods - insight into unofficial installation methods - consistency across supported operating systems --- README.md | 133 ++++------------ docs/install_linux.md | 336 +++++++++++++++++++++++++++------------- docs/install_macos.md | 129 +++++++++++++++ docs/install_source.md | 59 +++++++ docs/install_windows.md | 97 ++++++++++++ 5 files changed, 543 insertions(+), 211 deletions(-) create mode 100644 docs/install_macos.md create mode 100644 docs/install_source.md create mode 100644 docs/install_windows.md diff --git a/README.md b/README.md index 8257cf56692..84ab978fd40 100644 --- a/README.md +++ b/README.md @@ -8,106 +8,57 @@ GitHub CLI is supported for users on GitHub.com, GitHub Enterprise Cloud, and Gi ## Documentation -For [installation options see below](#installation), for usage instructions [see the manual][manual]. +For [installation options see below](#installation), for usage instructions [see the manual]( https://cli.github.com/manual/). ## Contributing -If anything feels off or if you feel that some functionality is missing, please check out the [contributing page][contributing]. There you will find instructions for sharing your feedback, building the tool locally, and submitting pull requests to the project. +If anything feels off or if you feel that some functionality is missing, please check out the [contributing page](.github/CONTRIBUTING.md). There you will find instructions for sharing your feedback, building the tool locally, and submitting pull requests to the project. -If you are a hubber and are interested in shipping new commands for the CLI, check out our [doc on internal contributions][intake-doc]. +If you are a hubber and are interested in shipping new commands for the CLI, check out our [doc on internal contributions](docs/working-with-us.md) ## Installation -### macOS +### [macOS](docs/install_macos.md) -`gh` is available via [Homebrew][], [MacPorts][], [Conda][], [Spack][], [Webi][], and as a downloadable binary including Mac OS installer `.pkg` from the [releases page][]. +#### [Recommended _(Official)_](docs/install_macos.md#recommended-official) -> [!NOTE] -> As of May 29th, Mac OS installer `.pkg` are unsigned with efforts prioritized in [`cli/cli#9139`](https://github.com/cli/cli/issues/9139) to support signing them. +- [Homebrew](docs/install_macos.md#homebrew) +- [Precompiled binaries](docs/install_macos.md#precompiled-binaries) on [releases page][] -#### Homebrew +#### [Community _(Unofficial)_](docs/install_macos.md#community-unofficial) -| Install: | Upgrade: | -| ----------------- | ----------------- | -| `brew install gh` | `brew upgrade gh` | +- Package managers: [Conda](docs/install_macos.md#conda), [Flox](docs/install_macos.md#flox), [MacPorts](docs/install_macos.md#macports), [Spack](docs/install_macos.md#spack), [Webi](docs/install_macos.md#webi) -#### MacPorts +### [Linux & Unix](docs/install_linux.md) -| Install: | Upgrade: | -| ---------------------- | ---------------------------------------------- | -| `sudo port install gh` | `sudo port selfupdate && sudo port upgrade gh` | +#### [Recommended _(Official)_](docs/install_linux.md#recommended-official) -#### Conda +- [Debian, Raspberry Pi, Ubuntu](docs/install_linux.md#debian) +- [Amazon Linux, CentOS, Fedora, openSUSE, RHEL, SUSE](docs/install_linux.md#rpm) +- [Precompiled binaries](docs/install_linux.md#precompiled-binaries) on [releases page][] -| Install: | Upgrade: | -|------------------------------------------|-----------------------------------------| -| `conda install gh --channel conda-forge` | `conda update gh --channel conda-forge` | +#### [Community _(Unofficial)_](docs/install_linux.md#community-unofficial) -Additional Conda installation options available on the [gh-feedstock page](https://github.com/conda-forge/gh-feedstock#installing-gh). +- Package managers: [Conda](docs/install_linux.md#conda), [Flox](docs/install_linux.md#flox), [Spack](docs/install_linux.md#spack), [Webi](docs/install_linux.md#webi) +- Operating systems: [Alpine Linux](docs/install_linux.md#alpine-linux), [Android](docs/install_linux.md#android), [Arch Linux](docs/install_linux.md#arch-linux), [Fedora Community](docs/install_linux.md#fedora-community), [FreeBSD](docs/install_linux.md#freebsd), [Funtoo](docs/install_linux.md#funtoo), [Gentoo](docs/install_linux.md#gentoo), [Manjaro Linux](docs/install_linux.md#manjaro-linux), [MidnightBSD](docs/install_linux.md#midnightbsd), [NetBSD/pkgsrc](docs/install_linux.md#netbsdpkgsrc), [Nix/NixOS](docs/install_linux.md#nixnixos), [OpenBSD](docs/install_linux.md#openbsd), [openSUSE Tumbleweed](docs/install_linux.md#opensuse-tumbleweed), [Solus Linux](docs/install_linux.md#solus-linux), [Void Linux](docs/install_linux.md#void-linux). -#### Spack +### [Windows](docs/install_windows.md) -| Install: | Upgrade: | -| ------------------ | ---------------------------------------- | -| `spack install gh` | `spack uninstall gh && spack install gh` | +#### [Recommended _(Official)_](docs/install_windows.md#recommended-official) -#### Webi +- [WinGet](docs/install_windows.md#winget) +- [Precompiled binaries](docs/install_windows.md#precompiled-binaries) on [releases page][] -| Install: | Upgrade: | -| ----------------------------------- | ---------------- | -| `curl -sS https://webi.sh/gh \| sh` | `webi gh@stable` | +#### [Community _(Unofficial)_](docs/install_windows.md#community-unofficial) -For more information about the Webi installer, see [its homepage](https://webinstall.dev/). +- Package managers: [Chocolatey](docs/install_windows.md#chocolatey), [Conda](docs/install_windows.md#conda), [Scoop](docs/install_windows.md#scoop), [Webi](docs/install_windows.md#webi) -#### Flox - -| Install: | Upgrade: | -| ----------------- | ----------------------- | -| `flox install gh` | `flox upgrade toplevel` | - -For more information about Flox, see [its homepage](https://flox.dev) - -### Linux & BSD - -`gh` is available via: -- [our Debian and RPM repositories](./docs/install_linux.md); -- community-maintained repositories in various Linux distros; -- OS-agnostic package managers such as [Homebrew](#homebrew), [Conda](#conda), [Spack](#spack), [Webi](#webi); and -- our [releases page][] as precompiled binaries. - -For more information, see [Linux & BSD installation](./docs/install_linux.md). - -### Windows - -`gh` is available via [WinGet][], [scoop][], [Chocolatey][], [Conda](#conda), [Webi](#webi), and as downloadable MSI. - -#### WinGet - -| Install: | Upgrade: | -| ------------------- | --------------------| -| `winget install --id GitHub.cli` | `winget upgrade --id GitHub.cli` | - -> [!NOTE] -> The Windows installer modifies your PATH. When using Windows Terminal, you will need to **open a new window** for the changes to take effect. (Simply opening a new tab will _not_ be sufficient.) - -#### scoop - -| Install: | Upgrade: | -| ------------------ | ------------------ | -| `scoop install gh` | `scoop update gh` | - -#### Chocolatey - -| Install: | Upgrade: | -| ------------------ | ------------------ | -| `choco install gh` | `choco upgrade gh` | - -#### Signed MSI +### Build from source -MSI installers are available for download on the [releases page][]. +See here on how to [build GitHub CLI from source](docs/install_source.md). -### Codespaces +### GitHub Codespaces To add GitHub CLI to your codespace, add the following to your [devcontainer file](https://docs.github.com/en/codespaces/setting-up-your-project-for-codespaces/adding-features-to-a-devcontainer-file): @@ -119,13 +70,13 @@ To add GitHub CLI to your codespace, add the following to your [devcontainer fil ### GitHub Actions -GitHub CLI comes pre-installed in all [GitHub-Hosted Runners](https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners). +[GitHub-hosted runners](https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners) have the GitHub CLI pre-installed, which is updated weekly. -### Other platforms +If a specific version is needed, your GitHub Actions workflow will need to install it based on the [macOS](#macos), [Linux & Unix](#linux--unix), or [Windows](#windows) instructions above. -Download packaged binaries from the [releases page][]. +For information on all pre-installed tools, see [`actions/runner-images`](https://github.com/actions/runner-images) -#### Verification of binaries +### Verification of binaries Since version 2.50.0, `gh` has been producing [Build Provenance Attestation](https://github.blog/changelog/2024-06-25-artifact-attestations-is-generally-available/), enabling a cryptographically verifiable paper-trail back to the origin GitHub repository, git revision, and build instructions used. The build provenance attestations are signed and rely on Public Good [Sigstore](https://www.sigstore.dev/) for PKI. @@ -157,29 +108,11 @@ There are two common ways to verify a downloaded release, depending on whether ` Verified OK ``` -### Build from source - -See here on how to [build GitHub CLI from source][build from source]. - ## Comparison with hub -For many years, [hub][] was the unofficial GitHub CLI tool. `gh` is a new project that helps us explore +For many years, [hub](https://github.com/github/hub) was the unofficial GitHub CLI tool. `gh` is a new project that helps us explore what an official GitHub CLI tool can look like with a fundamentally different design. While both tools bring GitHub to the terminal, `hub` behaves as a proxy to `git`, and `gh` is a standalone -tool. Check out our [more detailed explanation][gh-vs-hub] to learn more. - -[manual]: https://cli.github.com/manual/ -[Homebrew]: https://brew.sh -[MacPorts]: https://www.macports.org -[winget]: https://github.com/microsoft/winget-cli -[scoop]: https://scoop.sh -[Chocolatey]: https://chocolatey.org -[Conda]: https://docs.conda.io/en/latest/ -[Spack]: https://spack.io -[Webi]: https://webinstall.dev +tool. Check out our [more detailed explanation](docs/gh-vs-hub.md) to learn more. + [releases page]: https://github.com/cli/cli/releases/latest -[hub]: https://github.com/github/hub -[contributing]: ./.github/CONTRIBUTING.md -[gh-vs-hub]: ./docs/gh-vs-hub.md -[build from source]: ./docs/source.md -[intake-doc]: ./docs/working-with-us.md diff --git a/docs/install_linux.md b/docs/install_linux.md index 15e843f4e5c..42886fcff1a 100644 --- a/docs/install_linux.md +++ b/docs/install_linux.md @@ -1,17 +1,18 @@ # Installing gh on Linux and BSD -Packages downloaded from https://cli.github.com or from https://github.com/cli/cli/releases -are considered official binaries. We focus on popular Linux distros and -the following CPU architectures: `i386`, `amd64`, `arm64`, `armhf`. +## Recommended _(Official)_ -Other sources for installation are community-maintained and thus might lag behind -our release schedule. +### Debian -## Official sources +Debian packages are hosted on the [GitHub CLI marketing site](https://cli.github.com/) for various operating systems including: -### Debian, Ubuntu Linux, Raspberry Pi OS (apt) +- [Debian](https://www.debian.org/) +- [Raspberry Pi](https://www.raspberrypi.com/) +- [Ubuntu Linux](https://ubuntu.com/) -Install: +These packages are supported by the GitHub CLI maintainers with updates powered by [GitHub CLI deployment workflow](https://github.com/cli/cli/actions/workflows/deployment.yml). + +To install: ```bash (type -p wget >/dev/null || (sudo apt update && sudo apt install wget -y)) \ @@ -25,56 +26,59 @@ Install: && sudo apt install gh -y ``` -Upgrade: +To upgrade: ```bash sudo apt update sudo apt install gh ``` -> [!NOTE] -> If errors regarding GPG signatures occur, see [cli/cli#9569](https://github.com/cli/cli/issues/9569) for steps to fix this. +### RPM + +RPM packages are hosted on the [GitHub CLI marketing site](https://cli.github.com) for various operating systems including: -### Fedora, CentOS, Red Hat Enterprise Linux (DNF4 & DNF5) +- [Amazon Linux 2](https://aws.amazon.com/amazon-linux-2/) +- [CentOS](https://www.centos.org/) +- [Fedora](https://fedoraproject.org/) +- [Red Hat Enterprise Linux](https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux) +- [openSUSE](https://www.opensuse.org/) +- [SUSE](https://www.suse.com/) -Install from our package repository for immediate access to latest releases. +These packages are supported by the GitHub CLI maintainers with updates powered by [GitHub CLI deployment workflow](https://github.com/cli/cli/actions/workflows/deployment.yml). #### DNF5 > [!IMPORTANT] > **These commands apply to DNF5 only**. If you're using DNF4, please use [the DNF4 instructions](#dnf4). +To install: + ```bash -# DNF5 installation commands sudo dnf install dnf5-plugins sudo dnf config-manager addrepo --from-repofile=https://cli.github.com/packages/rpm/gh-cli.repo sudo dnf install gh --repo gh-cli ``` +To upgrade: + +```bash +sudo dnf update gh +``` + #### DNF4 > [!IMPORTANT] > **These commands apply to DNF4 only**. If you're using DNF5, please use [the DNF5 instructions](#dnf5). +To install: + ```bash -# DNF4 installation commands sudo dnf install 'dnf-command(config-manager)' sudo dnf config-manager --add-repo https://cli.github.com/packages/rpm/gh-cli.repo sudo dnf install gh --repo gh-cli ``` -> [!NOTE] -> If errors regarding GPG signatures occur, see [cli/cli#9569](https://github.com/cli/cli/issues/9569) for steps to fix this. - -### Fedora, CentOS, Red Hat Enterprise Linux - Community repository - -Alternatively, install from the [community repository](https://packages.fedoraproject.org/pkgs/gh/gh/): - -```bash -sudo dnf install gh -``` - -Upgrade: +To upgrade: ```bash sudo dnf update gh @@ -82,7 +86,7 @@ sudo dnf update gh ### Amazon Linux 2 (yum) -Install using our package repository for immediate access to latest releases: +To install: ```bash type -p yum-config-manager >/dev/null || sudo yum install yum-utils @@ -90,18 +94,15 @@ sudo yum-config-manager --add-repo https://cli.github.com/packages/rpm/gh-cli.re sudo yum install gh ``` -Upgrade: +To upgrade: ```bash sudo yum update gh ``` -> [!NOTE] -> If errors regarding GPG signatures occur, see [cli/cli#9569](https://github.com/cli/cli/issues/9569) for steps to fix this. - ### openSUSE/SUSE Linux (zypper) -Install: +To install: ```bash sudo zypper addrepo https://cli.github.com/packages/rpm/gh-cli.repo @@ -109,204 +110,317 @@ sudo zypper ref sudo zypper install gh ``` -Upgrade: +To upgrade: ```bash sudo zypper ref sudo zypper update gh ``` -> [!NOTE] -> If errors regarding GPG signatures occur, see [cli/cli#9569](https://github.com/cli/cli/issues/9569) for steps to fix this. +### Homebrew + +[Homebrew](https://brew.sh/) is a free and open-source software package management system that simplifies the installation of software on Apple's operating system, macOS, as well as Linux. + +The [GitHub CLI formulae](https://formulae.brew.sh/formula/gh) is supported by the GitHub CLI maintainers with help from our friends at Homebrew with updated powered by [homebrew/hoomebrew-core](https://github.com/Homebrew/homebrew-core/blob/main/Formula/g/gh.rb). + +To install: + +```shell +brew install gh +``` + +To upgrade: -## Manual installation +```shell +brew upgrade gh +``` -* [Download release binaries][releases page] that match your platform; or -* [Build from source](./source.md). +### Precompiled binaries -## Unofficial, community-supported methods +[GitHub CLI releases](https://github.com/cli/cli/releases/latest) contain precompiled binaries for `386`, `amd64`, `arm64`, and `armv6` architectures. -The GitHub CLI team does not maintain the following packages or repositories and thus we are unable to provide support for those installation methods. +## Community _(Unofficial)_ -### Snap (do not use) +> [!IMPORTANT] +> The GitHub CLI team does not maintain the following packages or repositories and thus we are unable to provide support for those installation methods. -There are [so many issues with Snap](https://github.com/casperdcl/cli/issues/7) as a runtime mechanism for apps like GitHub CLI that our team suggests _never installing gh as a snap_. +### Alpine Linux -### Arch Linux +The [GitHub CLI package](https://pkgs.alpinelinux.org/package/edge/community/x86_64/github-cli) is supported by the Alpine Linux community with updates powered by [alpine/aports](https://gitlab.alpinelinux.org/alpine/aports/-/tree/master/community/github-cli. -Arch Linux users can install from the [extra repo][arch linux repo]: +To install stable release: ```bash -sudo pacman -S github-cli +apk add github-cli ``` -Alternatively, use the [unofficial AUR package][arch linux aur] to build GitHub CLI from source. +To install edge release: + +```bash +echo "@community http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories +apk add github-cli@community +``` ### Android -Android 7+ users can install via [Termux](https://wiki.termux.com/wiki/Main_Page): +The [GitHub CLI package](https://packages.termux.dev/apt/termux-main/pool/main/g/gh/) is supported by the Termux community with updates powered by [termux/termux-packages](https://github.com/termux/termux-packages/tree/master/packages/gh) + +To install and upgrade: ```bash pkg install gh ``` -### FreeBSD +### Arch Linux + +The [GitHub CLI package](https://www.archlinux.org/packages/extra/x86_64/github-cli) is supported by the Arch Linux community with updates powered by [Arch Linux packaging](https://gitlab.archlinux.org/archlinux/packaging/packages/github-cli) -FreeBSD users can install from the [ports collection](https://www.freshports.org/devel/gh/): +To install: ```bash -cd /usr/ports/devel/gh/ && make install clean +sudo pacman -S github-cli ``` -Or via [pkg(8)](https://www.freebsd.org/cgi/man.cgi?pkg(8)): +To upgrade all packages: ```bash -pkg install gh +sudo pacman -Syu ``` -### MidnightBSD +Alternatively, use the [unofficial AUR package](https://aur.archlinux.org/packages/github-cli-git) to build GitHub CLI from source. -MidnightBSD users can install from [mports](https://www.midnightbsd.org/documentation/mports/index.html) +### Conda -```bash -cd /usr/mports/devel/gh/ && make install clean +[Conda](https://docs.conda.io/en/latest/) is an open source package management system and environment management system for installing multiple versions of software packages and their dependencies and switching easily between them. It works on Linux, OS X and Windows, and was created for Python programs but can package and distribute any software. + +The [GitHub CLI package](https://anaconda.org/conda-forge/gh) is supported by the Conda community with updates powered by [conda-forge/gh-feedstock](https://github.com/conda-forge/gh-feedstock#installing-gh). + +To install: + +```shell +conda install gh --channel conda-forge ``` -Or via [mport(1)](http://man.midnightbsd.org/cgi-bin/man.cgi/mport): +To upgrade: -```bash -mport install gh +```shell +conda update gh --channel conda-forge ``` -### NetBSD/pkgsrc +### Fedora Community + +The [GitHub CLI package](https://packages.fedoraproject.org/pkgs/gh/gh/) is supported by the Fedora community with updates powered by [Fedora Project](https://src.fedoraproject.org/rpms/gh). -NetBSD users and those on [platforms supported by pkgsrc](https://pkgsrc.org/#index4h1) can install the [gh package](https://pkgsrc.se/net/gh): +To install: ```bash -pkgin install gh +sudo dnf install gh ``` -To install from source: +To upgrade: ```bash -cd /usr/pkgsrc/net/gh && make package-install +sudo dnf update gh ``` -### OpenBSD +### Flox + +[Flox](https://flox.dev/) is a virtual environment and package manager all in one. With Flox you create environments that layer and replace dependencies just where it matters, making them portable across the full software lifecycle. + +Flox relies upon the [GitHub CLI package](https://github.com/NixOS/nixpkgs/blob/master/pkgs/by-name/gh/gh/package.nix) supported by the [NixOS community](https://nixos.org/) -In -current, or in releases starting from 7.0, OpenBSD users can install from packages: +To install: +```shell +flox install gh ``` -pkg_add github-cli + +To upgrade: + +```shell +flox upgrade toplevel +``` + +### FreeBSD + +The [GitHub CLI port](https://www.freshports.org/devel/gh/) is supported by the FreeBSD community with updates powered by [FreeBSD ports](https://cgit.freebsd.org/ports/tree/devel/gh) + +```bash +cd /usr/ports/devel/gh/ && make install clean +``` + +Or via [pkg(8)](https://www.freebsd.org/cgi/man.cgi?pkg(8)): + +```bash +pkg install gh ``` ### Funtoo -Funtoo Linux has an autogenerated github-cli package, located in [dev-kit](https://github.com/funtoo/dev-kit/tree/1.4-release/dev-util/github-cli), which can be installed in the following way: +The GitHub CLI portage is supported by the Funtoo community with updates powered by [funtoo/dev-kit](https://github.com/funtoo/dev-kit/tree/1.4-release/dev-util/github-cli). -``` bash +To install: + +```bash emerge -av github-cli ``` -Upgrading can be done by syncing the repos and then requesting an upgrade: +To upgrade: -``` bash +```bash ego sync emerge -u github-cli ``` ### Gentoo -Gentoo Linux users can install from the [main portage tree](https://packages.gentoo.org/packages/dev-util/github-cli): +The [GitHub CLI portage](https://packages.gentoo.org/packages/dev-util/github-cli) is supported by the Gentoo community with updates powered by [Gentoo portage](https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-util/github-cli). + +To install: ``` bash emerge -av github-cli ``` -Upgrading can be done by updating the portage tree and then requesting an upgrade: +To upgrade: ``` bash emerge --sync emerge -u github-cli ``` -### Kiss Linux +### Manjaro Linux + +The [GitHub CLI package](https://manjaristas.org/branch_compare?q=github-cli) is the same package produced by the [Arch Linux community](#arch-linux) -Kiss Linux users can install from the [community repos](https://github.com/kisslinux/community): +To install and upgrade: ```bash -kiss b github-cli && kiss i github-cli +pamac install github-cli ``` -### Nix/NixOS +### MidnightBSD -Nix/NixOS users can install from [nixpkgs](https://search.nixos.org/packages?query=gh&sort=relevance&show=gh): +The [GitHub CLI port](https://www.midnightbsd.org/mports/devel/gh/README.html) is supported by the MidnightBSD community with updates powered by [MidnightBSD/mports](https://github.com/MidnightBSD/mports/tree/master/devel/gh) + +To install: ```bash -nix-env -iA nixos.gh +cd /usr/mports/devel/gh/ && make install clean ``` -### Flox +Or via [mport(1)](http://man.midnightbsd.org/cgi-bin/man.cgi/mport): + +```bash +mport install gh +``` + +### NetBSD/pkgsrc -Flox users can install from the [official community nixpkgs](https://github.com/flox/nixpkgs). +The [GitHub CLI package](https://pkgsrc.se/net/gh) is supported by the NetBSD community with updates powered by [NetBSD/pkgsrc](https://github.com/NetBSD/pkgsrc/tree/trunk/net/gh). + +To install: ```bash -# To install -flox install gh +pkgin install gh +``` -# To upgrade -flox upgrade toplevel +### Nix/NixOS + +The [GitHub CLI package](https://search.nixos.org/packages?query=gh&sort=relevance&show=gh) is supported by the NixOS community with updates powered by [NixOS/nixpkgs](https://github.com/NixOS/nixpkgs/tree/master/pkgs/by-name/gh/gh). + +To install: + +```bash +nix-env -iA nixos.gh ``` -For more information about Flox, see [its homepage](https://flox.dev). +### OpenBSD + +The [GitHub CLI port](https://openports.pl/path/devel/github-cli) is supported by the OpenBSD community with updates powered by [OpenBSD ports](https://cvsweb.openbsd.org/ports/devel/github-cli/). + +To install: + +``` +pkg_add github-cli +``` ### openSUSE Tumbleweed -openSUSE Tumbleweed users can install from the [official distribution repo](https://software.opensuse.org/package/gh): +The [GitHub CLI package](https://software.opensuse.org/package/gh) is supported by the openSUSE community. + +To install: + ```bash -sudo zypper in gh +sudo zypper install gh ``` +To upgrade: -### Alpine Linux +```bash +sudo zypper update gh +``` + +### Solus Linux -Alpine Linux users can install from the [stable releases' community package repository](https://pkgs.alpinelinux.org/packages?name=github-cli&branch=v3.15). +The GitHub CLI package is supported by the Solus Linux community with updates powered by [getsolus/packages](https://github.com/getsolus/packages/blob/main/packages/g/github-cli/) + +To install: ```bash -apk add github-cli +sudo eopkg install github-cli ``` -Users wanting the latest version of the CLI without waiting to be backported into the stable release they're using should use the edge release's -community repo through this method below, without mixing packages from stable and unstable repos.[^1] +### Spack -```bash -echo "@community http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories -apk add github-cli@community +[Spack](https://spack.io/) is a flexible package manager supporting multiple versions, configurations, platforms, and compilers for supercomputers, Linux, and macOS. + +The [GitHub CLI package](https://packages.spack.io/package.html?name=gh) is supported by the Spack community with updates powered by [spack/spack-packages](https://github.com/spack/spack-packages/tree/develop/repos/spack_repo/builtin/packages/gh). + +To install: + +```shell +spack install gh +``` + +To upgrade: + +```shell +spack uninstall gh && spack install gh ``` ### Void Linux -Void Linux users can install from the [official distribution repo](https://voidlinux.org/packages/?arch=x86_64&q=github-cli): + +The [GitHub CLI package](https://voidlinux.org/packages/?arch=x86_64&q=github-cli): is supported by the Void Linux community with updates powered by [void-linux/void-packages](https://github.com/void-linux/void-packages/tree/master/srcpkgs/github-cli) + +To install: ```bash sudo xbps-install github-cli ``` -### Manjaro Linux -Manjaro Linux users can install from the [official extra repository](https://manjaristas.org/branch_compare?q=github-cli): +### Webi -```bash -pamac install github-cli +[Webi](https://webinstall.dev/) is a tool that aims to effortlessly install developer tools with easy-to-remember URLs from official builds quickly, without sudo or Admin, without a package manager, and without changing system file permissions. + +The [GitHub CLI package](https://webinstall.dev/gh/) is supported by the Webi community with updates powered by [webinstall/webi-installers](https://github.com/webinstall/webi-installers/tree/main/gh). + +To install: + +```shell +curl -sS https://webi.sh/gh \| sh ``` -### Solus Linux -Solus Linux users can install using [eopkg package manager](https://help.getsol.us/docs/user/package-management/basics/): +To upgrade: -```bash -sudo eopkg install github-cli +```shell +webi gh@stable ``` -For more information about the `github-cli` package, see [the package definition](https://github.com/getsolus/packages/blob/main/packages/g/github-cli/package.yml) in the `getsolus/packages` repository. +## Discouraged + +> [!WARNING] +> The GitHub CLI team actively discourages use of the following methods of installion. + +### Snap -[releases page]: https://github.com/cli/cli/releases/latest -[arch linux repo]: https://www.archlinux.org/packages/extra/x86_64/github-cli -[arch linux aur]: https://aur.archlinux.org/packages/github-cli-git -[^1]: https://wiki.alpinelinux.org/wiki/Package_management#Repository_pinning +The [GitHub CLI package](https://snapcraft.io/gh) has [so many issues with Snap](https://github.com/casperdcl/cli/issues/7) as a runtime mechanism for apps like GitHub CLI that our team suggests _never installing gh as a snap_. diff --git a/docs/install_macos.md b/docs/install_macos.md new file mode 100644 index 00000000000..5e5cedf72f5 --- /dev/null +++ b/docs/install_macos.md @@ -0,0 +1,129 @@ +# Installing gh on macOS + +## Recommended _(Official)_ + +### Homebrew + +[Homebrew](https://brew.sh/) is a free and open-source software package management system that simplifies the installation of software on Apple's operating system, macOS, as well as Linux. + +The [GitHub CLI formulae](https://formulae.brew.sh/formula/gh) is supported by the GitHub CLI maintainers with help from our friends at Homebrew with updated powered by [homebrew/homebrew-core](https://github.com/Homebrew/homebrew-core/blob/main/Formula/g/gh.rb). + +To install: + +```shell +brew install gh +``` + +To upgrade: + +```shell +brew upgrade gh +``` + +### Precompiled binaries + +[GitHub CLI releases](https://github.com/cli/cli/releases/latest) contain precompiled binaries for `amd64` and `arm64` architectures along with a universal installer. + +> [!NOTE] +> As of May 29th, Mac OS installer `.pkg` are unsigned with efforts prioritized in [`cli/cli#9139`](https://github.com/cli/cli/issues/9139) to support signing them. + +### Build from source + +Users who want the latest changes can build the GitHub CLI from source. + +For more information, see [installation from source](install_source.md). + +## Community _(Unofficial)_ + +> [!IMPORTANT] +> The GitHub CLI team does not maintain the following packages or repositories and thus we are unable to provide support for those installation methods. + +### Conda + +[Conda](https://docs.conda.io/en/latest/) is an open source package management system and environment management system for installing multiple versions of software packages and their dependencies and switching easily between them. It works on Linux, OS X and Windows, and was created for Python programs but can package and distribute any software. + +The [GitHub CLI package](https://anaconda.org/conda-forge/gh) is supported by the Conda community with updates powered by [conda-forge/gh-feedstock](https://github.com/conda-forge/gh-feedstock#installing-gh). + +To install: + +```shell +conda install gh --channel conda-forge +``` + +To upgrade: + +```shell +conda update gh --channel conda-forge +``` + +### Flox + +[Flox](https://flox.dev/) is a virtual environment and package manager all in one. With Flox you create environments that layer and replace dependencies just where it matters, making them portable across the full software lifecycle. + +Flox relies upon the [GitHub CLI package](https://github.com/NixOS/nixpkgs/blob/master/pkgs/by-name/gh/gh/) supported by the [NixOS community](https://nixos.org/) + +To install: + +```shell +flox install gh +``` + +To upgrade: + +```shell +flox upgrade toplevel +``` + +### MacPorts + +[MacPorts](https://www.macports.org/) is an open-source community initiative to design an easy-to-use system for compiling, installing, and upgrading either command-line, X11 or Aqua based open-source software on the Mac operating system. + +The [GitHub CLI port](https://ports.macports.org/port/gh/) is supported by the MacPorts community with updates powered by [macports/macports-ports](https://github.com/macports/macports-ports/blob/master/devel/gh/Portfile) + +To install: + +```shell +sudo port install gh +``` + +To upgrade: + +```shell +sudo port selfupdate && sudo port upgrade gh +``` + +### Spack + +[Spack](https://spack.io/) is a flexible package manager supporting multiple versions, configurations, platforms, and compilers for supercomputers, Linux, and macOS. + +The [GitHub CLI package](https://packages.spack.io/package.html?name=gh) is supported by the Spack community with updates powered by [spack/spack-packages](https://github.com/spack/spack-packages/tree/develop/repos/spack_repo/builtin/packages/gh). + +To install: + +```shell +spack install gh +``` + +To upgrade: + +```shell +spack uninstall gh && spack install gh +``` + +### Webi + +[Webi](https://webinstall.dev/) is a tool that aims to effortlessly install developer tools with easy-to-remember URLs from official builds quickly, without sudo or Admin, without a package manager, and without changing system file permissions. + +The [GitHub CLI package](https://webinstall.dev/gh/) is supported by the Webi community with updates powered by [webinstall/webi-installers](https://github.com/webinstall/webi-installers/tree/main/gh). + +To install: + +```shell +curl -sS https://webi.sh/gh \| sh +``` + +To upgrade: + +```shell +webi gh@stable +``` diff --git a/docs/install_source.md b/docs/install_source.md new file mode 100644 index 00000000000..e37c7679c31 --- /dev/null +++ b/docs/install_source.md @@ -0,0 +1,59 @@ +# Installation from source + +1. Verify that you have Go 1.24+ installed + + ```sh + $ go version + ``` + + If `go` is not installed, follow instructions on [the Go website](https://golang.org/doc/install). + +2. Clone this repository + + ```sh + $ git clone https://github.com/cli/cli.git gh-cli + $ cd gh-cli + ``` + +3. Build and install + + #### Unix-like systems + ```sh + # installs to '/usr/local' by default; sudo may be required, or sudo -E for configured go environments + $ make install + + # or, install to a different location + $ make install prefix=/path/to/gh + ``` + + #### Windows + ```pwsh + # build the `bin\gh.exe` binary + > go run script\build.go + ``` + There is no install step available on Windows. + +4. Run `gh version` to check if it worked. + + #### Windows + Run `bin\gh version` to check if it worked. + +## Cross-compiling binaries for different platforms + +You can use any platform with Go installed to build a binary that is intended for another platform +or CPU architecture. This is achieved by setting environment variables such as GOOS and GOARCH. + +For example, to compile the `gh` binary for the 32-bit Raspberry Pi OS: +```sh +# on a Unix-like system: +$ GOOS=linux GOARCH=arm GOARM=7 CGO_ENABLED=0 make clean bin/gh +``` +```pwsh +# on Windows, pass environment variables as arguments to the build script: +> go run script\build.go clean bin\gh GOOS=linux GOARCH=arm GOARM=7 CGO_ENABLED=0 +``` + +Run `go tool dist list` to list all supported values of GOOS/GOARCH. + +Tip: to reduce the size of the resulting binary, you can use `GO_LDFLAGS="-s -w"`. This omits +symbol tables used for debugging. See the list of [supported linker flags](https://golang.org/cmd/link/). diff --git a/docs/install_windows.md b/docs/install_windows.md new file mode 100644 index 00000000000..c5e67867336 --- /dev/null +++ b/docs/install_windows.md @@ -0,0 +1,97 @@ +# Installing gh on Windows + +## Recommended _(Official)_ + +### WinGet + +The [GitHub CLI package](https://winget.run/pkg/GitHub/cli) is supported by Microsoft with updates powered by [microsoft/winget-pkgs](https://github.com/microsoft/winget-pkgs/tree/master/manifests/g/GitHub/cli/) + +To install: + +```pwsh +winget install --id GitHub.cli +``` + +To upgrade: + +```pwsh +winget upgrade --id GitHub.cli +``` + +> [!NOTE] +> The Windows installer modifies your PATH. When using Windows Terminal, you will need to **open a new window** for the changes to take effect. (Simply opening a new tab will _not_ be sufficient.) + +### Precompiled binaries + +[GitHub CLI releases](https://github.com/cli/cli/releases/latest) contain precompiled `exe` and `msi` binaries for `386`, `amd64` and `arm64` architectures. + +## Community _(Unofficial)_ + +> [!IMPORTANT] +> The GitHub CLI team does not maintain the following packages or repositories and thus we are unable to provide support for those installation methods. + +### Chocolatey + +The [GitHub CLI package](https://community.chocolatey.org/packages/gh) is supported by the Chocolatey communty with updates powered by [pauby/ChocoPackages](https://github.com/pauby/ChocoPackages/tree/master/automatic/gh) + +To install: + +```pwsh +choco install gh +``` + +To upgrade: + +```pwsh +choco upgrade gh +``` + +### Conda + +[Conda](https://docs.conda.io/en/latest/) is an open source package management system and environment management system for installing multiple versions of software packages and their dependencies and switching easily between them. It works on Linux, OS X and Windows, and was created for Python programs but can package and distribute any software. + +The [GitHub CLI package](https://anaconda.org/conda-forge/gh) is supported by the Conda community with updates powered by [conda-forge/gh-feedstock](https://github.com/conda-forge/gh-feedstock#installing-gh). + +To install: + +```shell +conda install gh --channel conda-forge +``` + +To upgrade: + +```shell +conda update gh --channel conda-forge +``` + +### Scoop + +To install: + +```pwsh +scoop install gh +``` + +To upgrade: + +```pwsh +scoop update gh +``` + +### Webi + +[Webi](https://webinstall.dev/) is a tool that aims to effortlessly install developer tools with easy-to-remember URLs from official builds quickly, without sudo or Admin, without a package manager, and without changing system file permissions. + +The [GitHub CLI package](https://webinstall.dev/gh/) is supported by the Webi community with updates powered by [webinstall/webi-installers](https://github.com/webinstall/webi-installers/tree/main/gh). + +To install: + +```shell +curl -sS https://webi.sh/gh \| sh +``` + +To upgrade: + +```shell +webi gh@stable +``` From d992d51b6e7b2640bc0bfa5c039314f4f55a780f Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Thu, 7 Aug 2025 20:26:33 -0400 Subject: [PATCH 26/52] Formatting --- docs/install_linux.md | 14 +++++++------- docs/install_macos.md | 8 +------- docs/install_windows.md | 8 ++++++-- 3 files changed, 14 insertions(+), 16 deletions(-) diff --git a/docs/install_linux.md b/docs/install_linux.md index 42886fcff1a..95bf7646cd4 100644 --- a/docs/install_linux.md +++ b/docs/install_linux.md @@ -146,7 +146,7 @@ brew upgrade gh ### Alpine Linux -The [GitHub CLI package](https://pkgs.alpinelinux.org/package/edge/community/x86_64/github-cli) is supported by the Alpine Linux community with updates powered by [alpine/aports](https://gitlab.alpinelinux.org/alpine/aports/-/tree/master/community/github-cli. +The [GitHub CLI package](https://pkgs.alpinelinux.org/package/edge/community/x86_64/github-cli) is supported by the Alpine Linux community with updates powered by [alpine/aports](https://gitlab.alpinelinux.org/alpine/aports/-/tree/master/community/github-cli). To install stable release: @@ -163,7 +163,7 @@ apk add github-cli@community ### Android -The [GitHub CLI package](https://packages.termux.dev/apt/termux-main/pool/main/g/gh/) is supported by the Termux community with updates powered by [termux/termux-packages](https://github.com/termux/termux-packages/tree/master/packages/gh) +The [GitHub CLI package](https://packages.termux.dev/apt/termux-main/pool/main/g/gh/) is supported by the Termux community with updates powered by [termux/termux-packages](https://github.com/termux/termux-packages/tree/master/packages/gh). To install and upgrade: @@ -173,7 +173,7 @@ pkg install gh ### Arch Linux -The [GitHub CLI package](https://www.archlinux.org/packages/extra/x86_64/github-cli) is supported by the Arch Linux community with updates powered by [Arch Linux packaging](https://gitlab.archlinux.org/archlinux/packaging/packages/github-cli) +The [GitHub CLI package](https://www.archlinux.org/packages/extra/x86_64/github-cli) is supported by the Arch Linux community with updates powered by [Arch Linux packaging](https://gitlab.archlinux.org/archlinux/packaging/packages/github-cli). To install: @@ -243,7 +243,7 @@ flox upgrade toplevel ### FreeBSD -The [GitHub CLI port](https://www.freshports.org/devel/gh/) is supported by the FreeBSD community with updates powered by [FreeBSD ports](https://cgit.freebsd.org/ports/tree/devel/gh) +The [GitHub CLI port](https://www.freshports.org/devel/gh/) is supported by the FreeBSD community with updates powered by [FreeBSD ports](https://cgit.freebsd.org/ports/tree/devel/gh). ```bash cd /usr/ports/devel/gh/ && make install clean @@ -301,7 +301,7 @@ pamac install github-cli ### MidnightBSD -The [GitHub CLI port](https://www.midnightbsd.org/mports/devel/gh/README.html) is supported by the MidnightBSD community with updates powered by [MidnightBSD/mports](https://github.com/MidnightBSD/mports/tree/master/devel/gh) +The [GitHub CLI port](https://www.midnightbsd.org/mports/devel/gh/README.html) is supported by the MidnightBSD community with updates powered by [MidnightBSD/mports](https://github.com/MidnightBSD/mports/tree/master/devel/gh). To install: @@ -362,7 +362,7 @@ sudo zypper update gh ### Solus Linux -The GitHub CLI package is supported by the Solus Linux community with updates powered by [getsolus/packages](https://github.com/getsolus/packages/blob/main/packages/g/github-cli/) +The GitHub CLI package is supported by the Solus Linux community with updates powered by [getsolus/packages](https://github.com/getsolus/packages/blob/main/packages/g/github-cli/). To install: @@ -390,7 +390,7 @@ spack uninstall gh && spack install gh ### Void Linux -The [GitHub CLI package](https://voidlinux.org/packages/?arch=x86_64&q=github-cli): is supported by the Void Linux community with updates powered by [void-linux/void-packages](https://github.com/void-linux/void-packages/tree/master/srcpkgs/github-cli) +The [GitHub CLI package](https://voidlinux.org/packages/?arch=x86_64&q=github-cli): is supported by the Void Linux community with updates powered by [void-linux/void-packages](https://github.com/void-linux/void-packages/tree/master/srcpkgs/github-cli). To install: diff --git a/docs/install_macos.md b/docs/install_macos.md index 5e5cedf72f5..3961f7b10ee 100644 --- a/docs/install_macos.md +++ b/docs/install_macos.md @@ -27,12 +27,6 @@ brew upgrade gh > [!NOTE] > As of May 29th, Mac OS installer `.pkg` are unsigned with efforts prioritized in [`cli/cli#9139`](https://github.com/cli/cli/issues/9139) to support signing them. -### Build from source - -Users who want the latest changes can build the GitHub CLI from source. - -For more information, see [installation from source](install_source.md). - ## Community _(Unofficial)_ > [!IMPORTANT] @@ -78,7 +72,7 @@ flox upgrade toplevel [MacPorts](https://www.macports.org/) is an open-source community initiative to design an easy-to-use system for compiling, installing, and upgrading either command-line, X11 or Aqua based open-source software on the Mac operating system. -The [GitHub CLI port](https://ports.macports.org/port/gh/) is supported by the MacPorts community with updates powered by [macports/macports-ports](https://github.com/macports/macports-ports/blob/master/devel/gh/Portfile) +The [GitHub CLI port](https://ports.macports.org/port/gh/) is supported by the MacPorts community with updates powered by [macports/macports-ports](https://github.com/macports/macports-ports/blob/master/devel/gh/Portfile). To install: diff --git a/docs/install_windows.md b/docs/install_windows.md index c5e67867336..97f7b821ede 100644 --- a/docs/install_windows.md +++ b/docs/install_windows.md @@ -4,7 +4,9 @@ ### WinGet -The [GitHub CLI package](https://winget.run/pkg/GitHub/cli) is supported by Microsoft with updates powered by [microsoft/winget-pkgs](https://github.com/microsoft/winget-pkgs/tree/master/manifests/g/GitHub/cli/) +[WinGet](https://learn.microsoft.com/en-us/windows/package-manager/winget/) is a command line tool enabling users to discover, install, upgrade, remove and configure applications on Windows 10, Windows 11, and Windows Server 2025 computers. This tool is the client interface to the Windows Package Manager service. + +The [GitHub CLI package](https://winget.run/pkg/GitHub/cli) is supported by Microsoft with updates powered by [microsoft/winget-pkgs](https://github.com/microsoft/winget-pkgs/tree/master/manifests/g/GitHub/cli/). To install: @@ -32,7 +34,7 @@ winget upgrade --id GitHub.cli ### Chocolatey -The [GitHub CLI package](https://community.chocolatey.org/packages/gh) is supported by the Chocolatey communty with updates powered by [pauby/ChocoPackages](https://github.com/pauby/ChocoPackages/tree/master/automatic/gh) +The [GitHub CLI package](https://community.chocolatey.org/packages/gh) is supported by the Chocolatey communty with updates powered by [pauby/ChocoPackages](https://github.com/pauby/ChocoPackages/tree/master/automatic/gh). To install: @@ -66,6 +68,8 @@ conda update gh --channel conda-forge ### Scoop +The [GitHub CLI bucket](https://scoop.sh/#/apps?q=gh) is supported by the Scoop community with updated powered by [ScoopInstaller/Main](https://github.com/ScoopInstaller/Main/blob/master/bucket/gh.json). + To install: ```pwsh From 2b11fff6dc83ed75362486358f6651c2b41a4f96 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Thu, 7 Aug 2025 20:31:17 -0400 Subject: [PATCH 27/52] markdown lint fixes --- docs/install_linux.md | 3 ++- docs/install_source.md | 12 +++++++++--- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/docs/install_linux.md b/docs/install_linux.md index 95bf7646cd4..dcae2d812b7 100644 --- a/docs/install_linux.md +++ b/docs/install_linux.md @@ -341,7 +341,7 @@ The [GitHub CLI port](https://openports.pl/path/devel/github-cli) is supported b To install: -``` +```shell pkg_add github-cli ``` @@ -354,6 +354,7 @@ To install: ```bash sudo zypper install gh ``` + To upgrade: ```bash diff --git a/docs/install_source.md b/docs/install_source.md index e37c7679c31..e08fc8cf187 100644 --- a/docs/install_source.md +++ b/docs/install_source.md @@ -17,7 +17,8 @@ 3. Build and install - #### Unix-like systems + **Unix-like systems** + ```sh # installs to '/usr/local' by default; sudo may be required, or sudo -E for configured go environments $ make install @@ -26,16 +27,19 @@ $ make install prefix=/path/to/gh ``` - #### Windows + **Windows** + ```pwsh # build the `bin\gh.exe` binary > go run script\build.go ``` + There is no install step available on Windows. 4. Run `gh version` to check if it worked. - #### Windows + **Windows** + Run `bin\gh version` to check if it worked. ## Cross-compiling binaries for different platforms @@ -44,10 +48,12 @@ You can use any platform with Go installed to build a binary that is intended fo or CPU architecture. This is achieved by setting environment variables such as GOOS and GOARCH. For example, to compile the `gh` binary for the 32-bit Raspberry Pi OS: + ```sh # on a Unix-like system: $ GOOS=linux GOARCH=arm GOARM=7 CGO_ENABLED=0 make clean bin/gh ``` + ```pwsh # on Windows, pass environment variables as arguments to the build script: > go run script\build.go clean bin\gh GOOS=linux GOARCH=arm GOARM=7 CGO_ENABLED=0 From 5811b267bf135cb4c5ab36607c12c6313658fa27 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Thu, 7 Aug 2025 20:39:04 -0400 Subject: [PATCH 28/52] Update docs on contributing new install methods Now that our installation docs more clearly delineate official and unofficial installation methods, the maintainers are more open to contributions from communities. --- .github/CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index c6b68a9546e..f56cf9d82e3 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -10,6 +10,7 @@ We accept pull requests for bug fixes and features where we've discussed the app * Open an issue if things aren't working as expected * Open an issue to propose a significant change * Open an issue to propose a design for an issue labelled [`needs-design` and `help wanted`][needs design and help wanted], following the [proposing a design guidelines](#proposing-a-design) instructions below +* Open an issue to propose a new community supported `gh` package with details about support and redistribution * Mention `@cli/code-reviewers` when an issue you want to work on does not have clear Acceptance Criteria * Open a pull request for any issue labelled [`help wanted`][hw] and [`good first issue`][gfi] @@ -17,7 +18,6 @@ We accept pull requests for bug fixes and features where we've discussed the app * Open a pull request for issues without the `help wanted` label or explicit Acceptance Criteria * Expand pull request scope to include changes that are not described in the issue's Acceptance Criteria -* Add installation instructions specifically for your OS/package manager * Open pull requests for any issue marked `core`. These issues require additional context from the core CLI team at GitHub and any external pull requests will not be accepted From 275741442561218e0460d3c7296bacc57d49c49a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 8 Aug 2025 13:39:30 +0000 Subject: [PATCH 29/52] chore(deps): bump github.com/yuin/goldmark from 1.7.12 to 1.7.13 Bumps [github.com/yuin/goldmark](https://github.com/yuin/goldmark) from 1.7.12 to 1.7.13. - [Release notes](https://github.com/yuin/goldmark/releases) - [Commits](https://github.com/yuin/goldmark/compare/v1.7.12...v1.7.13) --- updated-dependencies: - dependency-name: github.com/yuin/goldmark dependency-version: 1.7.13 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index c1e32233114..6953b690699 100644 --- a/go.mod +++ b/go.mod @@ -50,7 +50,7 @@ require ( github.com/spf13/pflag v1.0.7 github.com/stretchr/testify v1.10.0 github.com/theupdateframework/go-tuf/v2 v2.1.1 - github.com/yuin/goldmark v1.7.12 + github.com/yuin/goldmark v1.7.13 github.com/zalando/go-keyring v0.2.6 golang.org/x/crypto v0.40.0 golang.org/x/sync v0.16.0 diff --git a/go.sum b/go.sum index cd23474dc81..b84c4dee31d 100644 --- a/go.sum +++ b/go.sum @@ -1424,8 +1424,8 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/yuin/goldmark v1.7.12 h1:YwGP/rrea2/CnCtUHgjuolG/PnMxdQtPMO5PvaE2/nY= -github.com/yuin/goldmark v1.7.12/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Brc7iBKg= +github.com/yuin/goldmark v1.7.13 h1:GPddIs617DnBLFFVJFgpo1aBfe/4xcvMc3SB5t/D0pA= +github.com/yuin/goldmark v1.7.13/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Brc7iBKg= github.com/yuin/goldmark-emoji v1.0.6 h1:QWfF2FYaXwL74tfGOW5izeiZepUDroDJfWubQI9HTHs= github.com/yuin/goldmark-emoji v1.0.6/go.mod h1:ukxJDKFpdFb5x0a5HqbdlcKtebh086iJpI31LTKmWuA= github.com/zalando/go-keyring v0.2.6 h1:r7Yc3+H+Ux0+M72zacZoItR3UDxeWfKTcabvkI8ua9s= From ecbabe8dc2c6d7d361f428f302bd3f6b1622d33e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 8 Aug 2025 13:40:32 +0000 Subject: [PATCH 30/52] chore(deps): bump google.golang.org/grpc from 1.73.0 to 1.74.2 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.73.0 to 1.74.2. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.73.0...v1.74.2) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-version: 1.74.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index c1e32233114..bbad9d9953e 100644 --- a/go.mod +++ b/go.mod @@ -56,7 +56,7 @@ require ( golang.org/x/sync v0.16.0 golang.org/x/term v0.33.0 golang.org/x/text v0.27.0 - google.golang.org/grpc v1.73.0 + google.golang.org/grpc v1.74.2 google.golang.org/protobuf v1.36.6 gopkg.in/h2non/gock.v1 v1.1.2 gopkg.in/yaml.v3 v3.0.1 @@ -64,7 +64,7 @@ require ( require ( al.essio.dev/pkg/shellescape v1.6.0 // indirect - cel.dev/expr v0.23.1 // indirect + cel.dev/expr v0.24.0 // indirect cloud.google.com/go v0.121.1 // indirect cloud.google.com/go/auth v0.16.2 // indirect cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect @@ -101,7 +101,7 @@ require ( github.com/charmbracelet/x/term v0.2.1 // indirect github.com/cli/browser v1.3.0 // indirect github.com/cli/shurcooL-graphql v0.0.4 // indirect - github.com/cncf/xds/go v0.0.0-20250326154945-ae57f3c0d45f // indirect + github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443 // indirect github.com/containerd/stargz-snapshotter/estargz v0.16.3 // indirect github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467 // indirect github.com/danieljoos/wincred v1.2.2 // indirect diff --git a/go.sum b/go.sum index cd23474dc81..21d4138843f 100644 --- a/go.sum +++ b/go.sum @@ -1,7 +1,7 @@ al.essio.dev/pkg/shellescape v1.6.0 h1:NxFcEqzFSEVCGN2yq7Huv/9hyCEGVa/TncnOOBBeXHA= al.essio.dev/pkg/shellescape v1.6.0/go.mod h1:6sIqp7X2P6mThCQ7twERpZTuigpr6KbZWtls1U8I890= -cel.dev/expr v0.23.1 h1:K4KOtPCJQjVggkARsjG9RWXP6O4R73aHeJMa/dmCQQg= -cel.dev/expr v0.23.1/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw= +cel.dev/expr v0.24.0 h1:56OvJKSH3hDGL0ml5uSxZmz3/3Pq4tJ+fb1unVLAFcY= +cel.dev/expr v0.24.0/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= @@ -809,8 +809,8 @@ github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20230105202645-06c439db220b/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20250326154945-ae57f3c0d45f h1:C5bqEmzEPLsHm9Mv73lSE9e9bKV23aB1vxOsmZrkl3k= -github.com/cncf/xds/go v0.0.0-20250326154945-ae57f3c0d45f/go.mod h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8= +github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443 h1:aQ3y1lwWyqYPiWZThqv1aFbZMiM9vblcSArJRf2Irls= +github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443/go.mod h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8= github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb h1:EDmT6Q9Zs+SbUoc7Ik9EfrFqcylYqgPZ9ANSbTAntnE= github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb/go.mod h1:ZjrT6AXHbDs86ZSdt/osfBi5qfexBrKUdONk989Wnk4= github.com/containerd/stargz-snapshotter/estargz v0.16.3 h1:7evrXtoh1mSbGj/pfRccTampEyKpjpOnS3CyiV1Ebr8= @@ -2137,8 +2137,8 @@ google.golang.org/grpc v1.52.3/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5v google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g= google.golang.org/grpc v1.56.3/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= -google.golang.org/grpc v1.73.0 h1:VIWSmpI2MegBtTuFt5/JWy2oXxtjJ/e89Z70ImfD2ok= -google.golang.org/grpc v1.73.0/go.mod h1:50sbHOUqWoCQGI8V2HQLJM0B+LMlIUjNSZmow7EVBQc= +google.golang.org/grpc v1.74.2 h1:WoosgB65DlWVC9FqI82dGsZhWFNBSLjQ84bjROOpMu4= +google.golang.org/grpc v1.74.2/go.mod h1:CtQ+BGjaAIXHs/5YS3i473GqwBBa1zGQNevxdeBEXrM= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= From 63462f8e400583c41f2c806ce121fdc3a2641941 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Fri, 8 Aug 2025 14:21:25 -0400 Subject: [PATCH 31/52] Consolidate repo profile, fix headings After discussing changes with @bagtoad, we talked about consolidating the top-level readme further to reduce the amount of links. Additionally, the Amazon Linux 2 and openSUSE/SUSE sections weren't contained appropriately in the official sections. --- README.md | 19 +++---------------- docs/install_linux.md | 4 ++-- 2 files changed, 5 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 84ab978fd40..dead0febb4d 100644 --- a/README.md +++ b/README.md @@ -21,38 +21,25 @@ If you are a hubber and are interested in shipping new commands for the CLI, che ### [macOS](docs/install_macos.md) -#### [Recommended _(Official)_](docs/install_macos.md#recommended-official) - - [Homebrew](docs/install_macos.md#homebrew) - [Precompiled binaries](docs/install_macos.md#precompiled-binaries) on [releases page][] -#### [Community _(Unofficial)_](docs/install_macos.md#community-unofficial) - -- Package managers: [Conda](docs/install_macos.md#conda), [Flox](docs/install_macos.md#flox), [MacPorts](docs/install_macos.md#macports), [Spack](docs/install_macos.md#spack), [Webi](docs/install_macos.md#webi) +For additional packages and installers, see [community-supported docs](docs/install_macos.md#community-unofficial) ### [Linux & Unix](docs/install_linux.md) -#### [Recommended _(Official)_](docs/install_linux.md#recommended-official) - - [Debian, Raspberry Pi, Ubuntu](docs/install_linux.md#debian) - [Amazon Linux, CentOS, Fedora, openSUSE, RHEL, SUSE](docs/install_linux.md#rpm) - [Precompiled binaries](docs/install_linux.md#precompiled-binaries) on [releases page][] -#### [Community _(Unofficial)_](docs/install_linux.md#community-unofficial) - -- Package managers: [Conda](docs/install_linux.md#conda), [Flox](docs/install_linux.md#flox), [Spack](docs/install_linux.md#spack), [Webi](docs/install_linux.md#webi) -- Operating systems: [Alpine Linux](docs/install_linux.md#alpine-linux), [Android](docs/install_linux.md#android), [Arch Linux](docs/install_linux.md#arch-linux), [Fedora Community](docs/install_linux.md#fedora-community), [FreeBSD](docs/install_linux.md#freebsd), [Funtoo](docs/install_linux.md#funtoo), [Gentoo](docs/install_linux.md#gentoo), [Manjaro Linux](docs/install_linux.md#manjaro-linux), [MidnightBSD](docs/install_linux.md#midnightbsd), [NetBSD/pkgsrc](docs/install_linux.md#netbsdpkgsrc), [Nix/NixOS](docs/install_linux.md#nixnixos), [OpenBSD](docs/install_linux.md#openbsd), [openSUSE Tumbleweed](docs/install_linux.md#opensuse-tumbleweed), [Solus Linux](docs/install_linux.md#solus-linux), [Void Linux](docs/install_linux.md#void-linux). +For additional packages and installers, see [community-supported docs](docs/install_linux.md#community-unofficial) ### [Windows](docs/install_windows.md) -#### [Recommended _(Official)_](docs/install_windows.md#recommended-official) - - [WinGet](docs/install_windows.md#winget) - [Precompiled binaries](docs/install_windows.md#precompiled-binaries) on [releases page][] -#### [Community _(Unofficial)_](docs/install_windows.md#community-unofficial) - -- Package managers: [Chocolatey](docs/install_windows.md#chocolatey), [Conda](docs/install_windows.md#conda), [Scoop](docs/install_windows.md#scoop), [Webi](docs/install_windows.md#webi) +For additional packages and installers, see [community-supported docs](docs/install_windows.md#community-unofficial) ### Build from source diff --git a/docs/install_linux.md b/docs/install_linux.md index dcae2d812b7..0200e607f97 100644 --- a/docs/install_linux.md +++ b/docs/install_linux.md @@ -84,7 +84,7 @@ To upgrade: sudo dnf update gh ``` -### Amazon Linux 2 (yum) +#### Amazon Linux 2 (yum) To install: @@ -100,7 +100,7 @@ To upgrade: sudo yum update gh ``` -### openSUSE/SUSE Linux (zypper) +#### openSUSE/SUSE Linux (zypper) To install: From 19410112c46338d0f1dd8513c17b64432cd7195f Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Fri, 8 Aug 2025 14:58:50 -0400 Subject: [PATCH 32/52] Update docs/install_windows.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- docs/install_windows.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/install_windows.md b/docs/install_windows.md index 97f7b821ede..a0d2f415227 100644 --- a/docs/install_windows.md +++ b/docs/install_windows.md @@ -34,7 +34,7 @@ winget upgrade --id GitHub.cli ### Chocolatey -The [GitHub CLI package](https://community.chocolatey.org/packages/gh) is supported by the Chocolatey communty with updates powered by [pauby/ChocoPackages](https://github.com/pauby/ChocoPackages/tree/master/automatic/gh). +The [GitHub CLI package](https://community.chocolatey.org/packages/gh) is supported by the Chocolatey community with updates powered by [pauby/ChocoPackages](https://github.com/pauby/ChocoPackages/tree/master/automatic/gh). To install: From 2faba515d87ee1ce350ed4719642a8dd7e37618f Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Fri, 8 Aug 2025 14:59:35 -0400 Subject: [PATCH 33/52] Apply suggestion from @Copilot Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- docs/install_linux.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/install_linux.md b/docs/install_linux.md index 0200e607f97..15d077e1d86 100644 --- a/docs/install_linux.md +++ b/docs/install_linux.md @@ -420,7 +420,7 @@ webi gh@stable ## Discouraged > [!WARNING] -> The GitHub CLI team actively discourages use of the following methods of installion. +> The GitHub CLI team actively discourages use of the following methods of installation. ### Snap From ec086af25cc631e36c90135a36c21a2718d508e8 Mon Sep 17 00:00:00 2001 From: ejahnGithub Date: Fri, 8 Aug 2025 17:32:30 -0400 Subject: [PATCH 34/52] add test for FetchRefSHA --- pkg/cmd/release/shared/fetch.go | 10 ++- pkg/cmd/release/shared/fetch_test.go | 103 +++++++++++++++++++++++++++ 2 files changed, 110 insertions(+), 3 deletions(-) create mode 100644 pkg/cmd/release/shared/fetch_test.go diff --git a/pkg/cmd/release/shared/fetch.go b/pkg/cmd/release/shared/fetch.go index f25c1780720..620372eea1f 100644 --- a/pkg/cmd/release/shared/fetch.go +++ b/pkg/cmd/release/shared/fetch.go @@ -150,7 +150,6 @@ func FetchRefSHA(ctx context.Context, httpClient *http.Client, repo ghrepo.Inter if resp.StatusCode == http.StatusNotFound { _, _ = io.Copy(io.Discard, resp.Body) - // ErrRefNotFound return "", ErrReleaseNotFound } @@ -160,11 +159,16 @@ func FetchRefSHA(ctx context.Context, httpClient *http.Client, repo ghrepo.Inter var ref struct { Object struct { - SHA string `json:"sha"` + SHA string `json:"sha,omitempty"` } `json:"object"` } + if err := json.NewDecoder(resp.Body).Decode(&ref); err != nil { - // release not found + return "", fmt.Errorf("failed to parse Git ref response: %w", err) + } + + // Check if SHA is empty after successful JSON parsing + if ref.Object.SHA == "" { return "", ErrReleaseNotFound } diff --git a/pkg/cmd/release/shared/fetch_test.go b/pkg/cmd/release/shared/fetch_test.go new file mode 100644 index 00000000000..1cbf414f23d --- /dev/null +++ b/pkg/cmd/release/shared/fetch_test.go @@ -0,0 +1,103 @@ +package shared + +import ( + "context" + "net/http" + "testing" + + "github.com/cli/cli/v2/internal/ghrepo" + "github.com/cli/cli/v2/pkg/httpmock" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestFetchRefSHA(t *testing.T) { + tests := []struct { + name string + tagName string + responseStatus int + responseBody string + expectedSHA string + errorMessage string + }{ + { + name: "full semver tag", + tagName: "v1.2.3", + responseStatus: 200, + responseBody: `{"object": {"sha": "1234567890abcdef1234567890abcdef12345678"}}`, + expectedSHA: "1234567890abcdef1234567890abcdef12345678", + }, + { + name: "partial semver - major only", + tagName: "v1", + responseStatus: 200, + responseBody: `{"object": {"sha": "abcdef1234567890abcdef1234567890abcdef12"}}`, + expectedSHA: "abcdef1234567890abcdef1234567890abcdef12", + }, + { + name: "partial semver - major.minor", + tagName: "v1.2", + responseStatus: 200, + responseBody: `{"object": {"sha": "fedcba0987654321fedcba0987654321fedcba09"}}`, + expectedSHA: "fedcba0987654321fedcba0987654321fedcba09", + }, + { + name: "prerelease tag", + tagName: "v1.2.3-alpha.1", + responseStatus: 200, + responseBody: `{"object": {"sha": "9876543210fedcba9876543210fedcba98765432"}}`, + expectedSHA: "9876543210fedcba9876543210fedcba98765432", + }, + { + name: "tag not found", + tagName: "v99.99.99", + responseStatus: 404, + responseBody: ``, + errorMessage: "release not found", + }, + { + name: "empty response body with 200 status", + tagName: "v1.0.0", + responseStatus: 200, + responseBody: `{}`, + errorMessage: "release not found", + }, + { + name: "malformed JSON response", + tagName: "v1.0.0", + responseStatus: 200, + responseBody: `{"object": {"sha":`, + errorMessage: "failed to parse Git ref response: unexpected EOF", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + fakeHTTP := &httpmock.Registry{} + defer fakeHTTP.Verify(t) + + repo, err := ghrepo.FromFullName("owner/repo") + require.NoError(t, err) + + path := "repos/owner/repo/git/refs/tags/" + tt.tagName + if tt.responseStatus == 404 { + fakeHTTP.Register(httpmock.REST("GET", path), httpmock.StatusStringResponse(404, "Not Found")) + } else { + fakeHTTP.Register(httpmock.REST("GET", path), httpmock.StringResponse(tt.responseBody)) + } + + httpClient := &http.Client{Transport: fakeHTTP} + ctx := context.Background() + + sha, err := FetchRefSHA(ctx, httpClient, repo, tt.tagName) + + if tt.errorMessage != "" { + require.Error(t, err) + assert.EqualError(t, err, tt.errorMessage) + } else { + require.NoError(t, err) + assert.Equal(t, tt.expectedSHA, sha) + } + }) + } +} From 3f55855e8b606bce02af4dfbe5af62c8ee2751d5 Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Fri, 8 Aug 2025 16:10:22 -0600 Subject: [PATCH 35/52] Update govulncheck workflow to scan source code Changed govulncheck to run on all source files (./...) instead of the built binary. This fixes uploading to GitHub Code Scanning as the location data will be valid, so it will get accepted. --- .github/workflows/govulncheck.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/govulncheck.yml b/.github/workflows/govulncheck.yml index 42d94077cfb..abd9c101183 100644 --- a/.github/workflows/govulncheck.yml +++ b/.github/workflows/govulncheck.yml @@ -21,8 +21,7 @@ jobs: # See https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck#hdr-Exit_codes for more information on exit codes. - name: Check Go vulnerabilities run: | - make - go run golang.org/x/vuln/cmd/govulncheck@d1f380186385b4f64e00313f31743df8e4b89a77 -mode=binary -format sarif bin/gh > gh.sarif + go run golang.org/x/vuln/cmd/govulncheck@d1f380186385b4f64e00313f31743df8e4b89a77 -format sarif ./... > gh.sarif - name: Upload SARIF report uses: github/codeql-action/upload-sarif@9b02dc2f60288b463e7a66e39c78829b62780db7 # 2.22.1 From 3bafd883b5c6c35eb70136d11e6d65523a59bda3 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Mon, 11 Aug 2025 14:50:07 -0400 Subject: [PATCH 36/52] Update v1 project detection logic This change updates the v1 project detection logic to retrieve the API version of GHES host to determine support. --- .../feature_detection_test.go | 74 ++++++++++++++++--- 1 file changed, 63 insertions(+), 11 deletions(-) diff --git a/internal/featuredetection/feature_detection_test.go b/internal/featuredetection/feature_detection_test.go index 2c7d190716a..e850546a789 100644 --- a/internal/featuredetection/feature_detection_test.go +++ b/internal/featuredetection/feature_detection_test.go @@ -373,17 +373,69 @@ func TestRepositoryFeatures(t *testing.T) { } func TestProjectV1Support(t *testing.T) { - t.Parallel() + tests := []struct { + name string + hostname string + httpStubs func(*httpmock.Registry) + wantFeatures gh.ProjectsV1Support + }{ + { + name: "github.com", + hostname: "github.com", + wantFeatures: gh.ProjectsV1Unsupported, + }, + { + name: "ghec data residency (ghe.com)", + hostname: "stampname.ghe.com", + wantFeatures: gh.ProjectsV1Unsupported, + }, + { + name: "GHE 3.16.0", + hostname: "git.my.org", + httpStubs: func(reg *httpmock.Registry) { + reg.Register( + httpmock.REST("GET", "api/v3/meta"), + httpmock.StringResponse(`{"installed_version":"3.16.0"}`), + ) + }, + wantFeatures: gh.ProjectsV1Supported, + }, + { + name: "GHE 3.16.1", + hostname: "git.my.org", + httpStubs: func(reg *httpmock.Registry) { + reg.Register( + httpmock.REST("GET", "api/v3/meta"), + httpmock.StringResponse(`{"installed_version":"3.16.1"}`), + ) + }, + wantFeatures: gh.ProjectsV1Supported, + }, + { + name: "GHE 3.17", + hostname: "git.my.org", + httpStubs: func(reg *httpmock.Registry) { + reg.Register( + httpmock.REST("GET", "api/v3/meta"), + httpmock.StringResponse(`{"installed_version":"3.17.0"}`), + ) + }, + wantFeatures: gh.ProjectsV1Unsupported, + }, + } - t.Run("when the host is enterprise, project v1 is supported", func(t *testing.T) { - detector := detector{host: "my.ghes.com"} - isProjectV1Supported := detector.ProjectsV1() - require.Equal(t, gh.ProjectsV1Supported, isProjectV1Supported) - }) + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + t.Parallel() + reg := &httpmock.Registry{} + if tt.httpStubs != nil { + tt.httpStubs(reg) + } + httpClient := &http.Client{} + httpmock.ReplaceTripper(httpClient, reg) - t.Run("when the host is not enterprise, project v1 is not supported", func(t *testing.T) { - detector := detector{host: "github.com"} - isProjectV1Supported := detector.ProjectsV1() - require.Equal(t, gh.ProjectsV1Unsupported, isProjectV1Supported) - }) + detector := NewDetector(httpClient, tt.hostname) + require.Equal(t, tt.wantFeatures, detector.ProjectsV1()) + }) + } } From 5b9324bb467597dd99a8eb2e8a518b9fca19ef71 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Mon, 11 Aug 2025 16:50:12 -0400 Subject: [PATCH 37/52] PR feedback from @bagtoad --- README.md | 6 +++--- docs/install_linux.md | 2 +- docs/install_macos.md | 2 +- docs/install_windows.md | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index dead0febb4d..2fc58968f8c 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ If you are a hubber and are interested in shipping new commands for the CLI, che - [Homebrew](docs/install_macos.md#homebrew) - [Precompiled binaries](docs/install_macos.md#precompiled-binaries) on [releases page][] -For additional packages and installers, see [community-supported docs](docs/install_macos.md#community-unofficial) +For additional macOS packages and installers, see [community-supported docs](docs/install_macos.md#community-unofficial) ### [Linux & Unix](docs/install_linux.md) @@ -32,14 +32,14 @@ For additional packages and installers, see [community-supported docs](docs/inst - [Amazon Linux, CentOS, Fedora, openSUSE, RHEL, SUSE](docs/install_linux.md#rpm) - [Precompiled binaries](docs/install_linux.md#precompiled-binaries) on [releases page][] -For additional packages and installers, see [community-supported docs](docs/install_linux.md#community-unofficial) +For additional Linux & Unix packages and installers, see [community-supported docs](docs/install_linux.md#community-unofficial) ### [Windows](docs/install_windows.md) - [WinGet](docs/install_windows.md#winget) - [Precompiled binaries](docs/install_windows.md#precompiled-binaries) on [releases page][] -For additional packages and installers, see [community-supported docs](docs/install_windows.md#community-unofficial) +For additional Windows packages and installers, see [community-supported docs](docs/install_windows.md#community-unofficial) ### Build from source diff --git a/docs/install_linux.md b/docs/install_linux.md index 15d077e1d86..c3efb087723 100644 --- a/docs/install_linux.md +++ b/docs/install_linux.md @@ -142,7 +142,7 @@ brew upgrade gh ## Community _(Unofficial)_ > [!IMPORTANT] -> The GitHub CLI team does not maintain the following packages or repositories and thus we are unable to provide support for those installation methods. +> The GitHub CLI team does not maintain the following packages or repositories. We are unable to provide support for these installation methods or any guarantees of stability, security, or availability for these installation methods. ### Alpine Linux diff --git a/docs/install_macos.md b/docs/install_macos.md index 3961f7b10ee..14d68d96c6c 100644 --- a/docs/install_macos.md +++ b/docs/install_macos.md @@ -30,7 +30,7 @@ brew upgrade gh ## Community _(Unofficial)_ > [!IMPORTANT] -> The GitHub CLI team does not maintain the following packages or repositories and thus we are unable to provide support for those installation methods. +> The GitHub CLI team does not maintain the following packages or repositories. We are unable to provide support for these installation methods or any guarantees of stability, security, or availability for these installation methods. ### Conda diff --git a/docs/install_windows.md b/docs/install_windows.md index a0d2f415227..88ddc99b8d3 100644 --- a/docs/install_windows.md +++ b/docs/install_windows.md @@ -30,7 +30,7 @@ winget upgrade --id GitHub.cli ## Community _(Unofficial)_ > [!IMPORTANT] -> The GitHub CLI team does not maintain the following packages or repositories and thus we are unable to provide support for those installation methods. +> The GitHub CLI team does not maintain the following packages or repositories. We are unable to provide support for these installation methods or any guarantees of stability, security, or availability for these installation methods. ### Chocolatey From 7851c9c664b7ba3228d8f840df5ff0eefc1b1f9c Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Tue, 12 Aug 2025 16:18:45 -0400 Subject: [PATCH 38/52] Update `gh issue view` to show v2 projects These changes enhance the existing `gh issue view` experience by listing v2 projects in interactive and non-interactive forms. Additionally, the tests have been enhanced to use a more standard `httpStubs` approach from other tests. --- api/queries_issue.go | 3 +- api/queries_projects_v2.go | 5 +- pkg/cmd/issue/view/view.go | 20 ++++- pkg/cmd/issue/view/view_test.go | 144 ++++++++++++++++++++++++-------- 4 files changed, 131 insertions(+), 41 deletions(-) diff --git a/api/queries_issue.go b/api/queries_issue.go index 24e0b4f4c29..1a8e082ad8f 100644 --- a/api/queries_issue.go +++ b/api/queries_issue.go @@ -166,7 +166,8 @@ type ProjectCards struct { } type ProjectItems struct { - Nodes []*ProjectV2Item + Nodes []*ProjectV2Item + TotalCount int } type ProjectInfo struct { diff --git a/api/queries_projects_v2.go b/api/queries_projects_v2.go index f1f07af7a08..e55127f029d 100644 --- a/api/queries_projects_v2.go +++ b/api/queries_projects_v2.go @@ -82,8 +82,9 @@ func ProjectsV2ItemsForIssue(client *Client, repo ghrepo.Interface, issue *Issue Repository struct { Issue struct { ProjectItems struct { - Nodes []*projectV2Item - PageInfo struct { + TotalCount int + Nodes []*projectV2Item + PageInfo struct { HasNextPage bool EndCursor string } diff --git a/pkg/cmd/issue/view/view.go b/pkg/cmd/issue/view/view.go index 3b02a3f2dc7..41c01ef40d9 100644 --- a/pkg/cmd/issue/view/view.go +++ b/pkg/cmd/issue/view/view.go @@ -124,6 +124,7 @@ func viewRun(opts *ViewOptions) error { opts.Detector = fd.NewDetector(cachedClient, baseRepo.RepoHost()) } + lookupFields.Add("projectItems") projectsV1Support := opts.Detector.ProjectsV1() if projectsV1Support == gh.ProjectsV1Supported { lookupFields.Add("projectCards") @@ -310,11 +311,24 @@ func issueAssigneeList(issue api.Issue) string { } func issueProjectList(issue api.Issue) string { - if len(issue.ProjectCards.Nodes) == 0 { + totalCount := issue.ProjectCards.TotalCount + issue.ProjectItems.TotalCount + count := len(issue.ProjectCards.Nodes) + len(issue.ProjectItems.Nodes) + + if count == 0 { return "" } - projectNames := make([]string, 0, len(issue.ProjectCards.Nodes)) + projectNames := make([]string, 0, count) + + for _, project := range issue.ProjectItems.Nodes { + colName := project.Status.Name + if colName == "" { + colName = "No Status" + } + projectNames = append(projectNames, fmt.Sprintf("%s (%s)", project.Project.Title, colName)) + } + + // TODO: Remove v1 classic project logic when completely deprecated for _, project := range issue.ProjectCards.Nodes { colName := project.Column.Name if colName == "" { @@ -324,7 +338,7 @@ func issueProjectList(issue api.Issue) string { } list := strings.Join(projectNames, ", ") - if issue.ProjectCards.TotalCount > len(issue.ProjectCards.Nodes) { + if totalCount > count { list += ", …" } return list diff --git a/pkg/cmd/issue/view/view_test.go b/pkg/cmd/issue/view/view_test.go index 71b0884a1d8..aa6002563e8 100644 --- a/pkg/cmd/issue/view/view_test.go +++ b/pkg/cmd/issue/view/view_test.go @@ -2,7 +2,6 @@ package view import ( "bytes" - "fmt" "io" "net/http" "testing" @@ -137,11 +136,14 @@ func TestIssueView_web(t *testing.T) { func TestIssueView_nontty_Preview(t *testing.T) { tests := map[string]struct { - fixture string + httpStubs func(*httpmock.Registry) expectedOutputs []string }{ "Open issue without metadata": { - fixture: "./fixtures/issueView_preview.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_preview.json")) + mockEmptyV2ProjectItems(t, r) + }, expectedOutputs: []string{ `title:\tix of coins`, `state:\tOPEN`, @@ -153,7 +155,10 @@ func TestIssueView_nontty_Preview(t *testing.T) { }, }, "Open issue with metadata": { - fixture: "./fixtures/issueView_previewWithMetadata.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_previewWithMetadata.json")) + mockV2ProjectItems(t, r) + }, expectedOutputs: []string{ `title:\tix of coins`, `assignees:\tmarseilles, monaco`, @@ -161,14 +166,17 @@ func TestIssueView_nontty_Preview(t *testing.T) { `state:\tOPEN`, `comments:\t9`, `labels:\tClosed: Duplicate, Closed: Won't Fix, help wanted, Status: In Progress, Type: Bug`, - `projects:\tProject 1 \(column A\), Project 2 \(column B\), Project 3 \(column C\), Project 4 \(Awaiting triage\)\n`, + `projects:\tv2 Project 1 \(No Status\), v2 Project 2 \(Done\), Project 1 \(column A\), Project 2 \(column B\), Project 3 \(column C\), Project 4 \(Awaiting triage\)\n`, `milestone:\tuluru\n`, `number:\t123\n`, `\*\*bold story\*\*`, }, }, "Open issue with empty body": { - fixture: "./fixtures/issueView_previewWithEmptyBody.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_previewWithEmptyBody.json")) + mockEmptyV2ProjectItems(t, r) + }, expectedOutputs: []string{ `title:\tix of coins`, `state:\tOPEN`, @@ -178,7 +186,10 @@ func TestIssueView_nontty_Preview(t *testing.T) { }, }, "Closed issue": { - fixture: "./fixtures/issueView_previewClosedState.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_previewClosedState.json")) + mockEmptyV2ProjectItems(t, r) + }, expectedOutputs: []string{ `title:\tix of coins`, `state:\tCLOSED`, @@ -194,8 +205,9 @@ func TestIssueView_nontty_Preview(t *testing.T) { t.Run(name, func(t *testing.T) { http := &httpmock.Registry{} defer http.Verify(t) - - http.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse(tc.fixture)) + if tc.httpStubs != nil { + tc.httpStubs(http) + } output, err := runCommand(http, false, "123") if err != nil { @@ -212,11 +224,14 @@ func TestIssueView_nontty_Preview(t *testing.T) { func TestIssueView_tty_Preview(t *testing.T) { tests := map[string]struct { - fixture string + httpStubs func(*httpmock.Registry) expectedOutputs []string }{ "Open issue without metadata": { - fixture: "./fixtures/issueView_preview.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_preview.json")) + mockEmptyV2ProjectItems(t, r) + }, expectedOutputs: []string{ `ix of coins OWNER/REPO#123`, `Open.*marseilles opened about 9 years ago.*9 comments`, @@ -225,21 +240,27 @@ func TestIssueView_tty_Preview(t *testing.T) { }, }, "Open issue with metadata": { - fixture: "./fixtures/issueView_previewWithMetadata.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_previewWithMetadata.json")) + mockV2ProjectItems(t, r) + }, expectedOutputs: []string{ `ix of coins OWNER/REPO#123`, `Open.*marseilles opened about 9 years ago.*9 comments`, `8 \x{1f615} • 7 \x{1f440} • 6 \x{2764}\x{fe0f} • 5 \x{1f389} • 4 \x{1f604} • 3 \x{1f680} • 2 \x{1f44e} • 1 \x{1f44d}`, `Assignees:.*marseilles, monaco\n`, `Labels:.*Closed: Duplicate, Closed: Won't Fix, help wanted, Status: In Progress, Type: Bug\n`, - `Projects:.*Project 1 \(column A\), Project 2 \(column B\), Project 3 \(column C\), Project 4 \(Awaiting triage\)\n`, + `Projects:.*v2 Project 1 \(No Status\), v2 Project 2 \(Done\), Project 1 \(column A\), Project 2 \(column B\), Project 3 \(column C\), Project 4 \(Awaiting triage\)\n`, `Milestone:.*uluru\n`, `bold story`, `View this issue on GitHub: https://github.com/OWNER/REPO/issues/123`, }, }, "Open issue with empty body": { - fixture: "./fixtures/issueView_previewWithEmptyBody.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_previewWithEmptyBody.json")) + mockEmptyV2ProjectItems(t, r) + }, expectedOutputs: []string{ `ix of coins OWNER/REPO#123`, `Open.*marseilles opened about 9 years ago.*9 comments`, @@ -248,7 +269,10 @@ func TestIssueView_tty_Preview(t *testing.T) { }, }, "Closed issue": { - fixture: "./fixtures/issueView_previewClosedState.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_previewClosedState.json")) + mockEmptyV2ProjectItems(t, r) + }, expectedOutputs: []string{ `ix of coins OWNER/REPO#123`, `Closed.*marseilles opened about 9 years ago.*9 comments`, @@ -266,8 +290,9 @@ func TestIssueView_tty_Preview(t *testing.T) { httpReg := &httpmock.Registry{} defer httpReg.Verify(t) - - httpReg.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse(tc.fixture)) + if tc.httpStubs != nil { + tc.httpStubs(httpReg) + } opts := ViewOptions{ IO: ios, @@ -354,14 +379,15 @@ func TestIssueView_disabledIssues(t *testing.T) { func TestIssueView_tty_Comments(t *testing.T) { tests := map[string]struct { cli string - fixtures map[string]string + httpStubs func(*httpmock.Registry) expectedOutputs []string wantsErr bool }{ "without comments flag": { cli: "123", - fixtures: map[string]string{ - "IssueByNumber": "./fixtures/issueView_previewSingleComment.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_previewSingleComment.json")) + mockEmptyV2ProjectItems(t, r) }, expectedOutputs: []string{ `some title OWNER/REPO#123`, @@ -375,9 +401,10 @@ func TestIssueView_tty_Comments(t *testing.T) { }, "with comments flag": { cli: "123 --comments", - fixtures: map[string]string{ - "IssueByNumber": "./fixtures/issueView_previewSingleComment.json", - "CommentsForIssue": "./fixtures/issueView_previewFullComments.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_previewSingleComment.json")) + r.Register(httpmock.GraphQL(`query CommentsForIssue\b`), httpmock.FileResponse("./fixtures/issueView_previewFullComments.json")) + mockEmptyV2ProjectItems(t, r) }, expectedOutputs: []string{ `some title OWNER/REPO#123`, @@ -406,9 +433,8 @@ func TestIssueView_tty_Comments(t *testing.T) { t.Run(name, func(t *testing.T) { http := &httpmock.Registry{} defer http.Verify(t) - for name, file := range tc.fixtures { - name := fmt.Sprintf(`query %s\b`, name) - http.Register(httpmock.GraphQL(name), httpmock.FileResponse(file)) + if tc.httpStubs != nil { + tc.httpStubs(http) } output, err := runCommand(http, true, tc.cli) if tc.wantsErr { @@ -426,14 +452,15 @@ func TestIssueView_tty_Comments(t *testing.T) { func TestIssueView_nontty_Comments(t *testing.T) { tests := map[string]struct { cli string - fixtures map[string]string + httpStubs func(*httpmock.Registry) expectedOutputs []string wantsErr bool }{ "without comments flag": { cli: "123", - fixtures: map[string]string{ - "IssueByNumber": "./fixtures/issueView_previewSingleComment.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_previewSingleComment.json")) + mockEmptyV2ProjectItems(t, r) }, expectedOutputs: []string{ `title:\tsome title`, @@ -446,9 +473,10 @@ func TestIssueView_nontty_Comments(t *testing.T) { }, "with comments flag": { cli: "123 --comments", - fixtures: map[string]string{ - "IssueByNumber": "./fixtures/issueView_previewSingleComment.json", - "CommentsForIssue": "./fixtures/issueView_previewFullComments.json", + httpStubs: func(r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueByNumber\b`), httpmock.FileResponse("./fixtures/issueView_previewSingleComment.json")) + r.Register(httpmock.GraphQL(`query CommentsForIssue\b`), httpmock.FileResponse("./fixtures/issueView_previewFullComments.json")) + mockEmptyV2ProjectItems(t, r) }, expectedOutputs: []string{ `author:\tmonalisa`, @@ -482,9 +510,8 @@ func TestIssueView_nontty_Comments(t *testing.T) { t.Run(name, func(t *testing.T) { http := &httpmock.Registry{} defer http.Verify(t) - for name, file := range tc.fixtures { - name := fmt.Sprintf(`query %s\b`, name) - http.Register(httpmock.GraphQL(name), httpmock.FileResponse(file)) + if tc.httpStubs != nil { + tc.httpStubs(http) } output, err := runCommand(http, false, tc.cli) if tc.wantsErr { @@ -561,3 +588,50 @@ func TestProjectsV1Deprecation(t *testing.T) { reg.Verify(t) }) } + +// mockEmptyV2ProjectItems registers GraphQL queries to report an issue is not contained on any v2 projects. +func mockEmptyV2ProjectItems(t *testing.T, r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueProjectItems\b`), httpmock.StringResponse(` + { "data": { "repository": { "issue": { + "projectItems": { + "totalCount": 0, + "nodes": [] + } } } } } + `)) +} + +// mockV2ProjectItems registers GraphQL queries to report an issue on multiple v2 projects in various states +// - `NO_STATUS_ITEM`: emulates this issue is on a project but is not given a status +// - `DONE_STATUS_ITEM`: emulates this issue is on a project and considered done +func mockV2ProjectItems(t *testing.T, r *httpmock.Registry) { + r.Register(httpmock.GraphQL(`query IssueProjectItems\b`), httpmock.StringResponse(` + { "data": { "repository": { "issue": { + "projectItems": { + "totalCount": 2, + "nodes": [ + { + "id": "NO_STATUS_ITEM", + "project": { + "id": "PROJECT1", + "title": "v2 Project 1" + }, + "status": { + "optionId": "", + "name": "" + } + }, + { + "id": "DONE_STATUS_ITEM", + "project": { + "id": "PROJECT2", + "title": "v2 Project 2" + }, + "status": { + "optionId": "PROJECTITEMFIELD1", + "name": "Done" + } + } + ] + } } } } } + `)) +} From 72f5fbbec0d0f8ff31159b33e1f58258ea75c3c3 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Tue, 12 Aug 2025 20:59:50 -0400 Subject: [PATCH 39/52] Base changes for PR project items --- api/queries_projects_v2.go | 5 +++-- pkg/cmd/pr/view/view.go | 18 +++++++++++++++--- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/api/queries_projects_v2.go b/api/queries_projects_v2.go index e55127f029d..68681f2e869 100644 --- a/api/queries_projects_v2.go +++ b/api/queries_projects_v2.go @@ -150,8 +150,9 @@ func ProjectsV2ItemsForPullRequest(client *Client, repo ghrepo.Interface, pr *Pu Repository struct { PullRequest struct { ProjectItems struct { - Nodes []*projectV2Item - PageInfo struct { + TotalCount int + Nodes []*projectV2Item + PageInfo struct { HasNextPage bool EndCursor string } diff --git a/pkg/cmd/pr/view/view.go b/pkg/cmd/pr/view/view.go index 8a39d113463..564cce9132e 100644 --- a/pkg/cmd/pr/view/view.go +++ b/pkg/cmd/pr/view/view.go @@ -85,7 +85,7 @@ var defaultFields = []string{ "url", "number", "title", "state", "body", "author", "autoMergeRequest", "isDraft", "maintainerCanModify", "mergeable", "additions", "deletions", "commitsCount", "baseRefName", "headRefName", "headRepositoryOwner", "headRepository", "isCrossRepository", - "reviewRequests", "reviews", "assignees", "labels", "projectCards", "milestone", + "reviewRequests", "reviews", "assignees", "labels", "projectCards", "projectItems", "milestone", "comments", "reactionGroups", "createdAt", "statusCheckRollup", } @@ -439,11 +439,23 @@ func prLabelList(pr api.PullRequest, cs *iostreams.ColorScheme) string { } func prProjectList(pr api.PullRequest) string { - if len(pr.ProjectCards.Nodes) == 0 { + totalCount := pr.ProjectCards.TotalCount + pr.ProjectItems.TotalCount + count := len(pr.ProjectCards.Nodes) + len(pr.ProjectItems.Nodes) + + if count == 0 { return "" } projectNames := make([]string, 0, len(pr.ProjectCards.Nodes)) + + for _, project := range pr.ProjectItems.Nodes { + colName := project.Status.Name + if colName == "" { + colName = "No Status" + } + projectNames = append(projectNames, fmt.Sprintf("%s (%s)", project.Project.Title, colName)) + } + for _, project := range pr.ProjectCards.Nodes { if project == nil { continue @@ -456,7 +468,7 @@ func prProjectList(pr api.PullRequest) string { } list := strings.Join(projectNames, ", ") - if pr.ProjectCards.TotalCount > len(pr.ProjectCards.Nodes) { + if totalCount > count { list += ", …" } return list From 746da6de0099ee8fbc89bcafbaed4a07fbc57f31 Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Tue, 12 Aug 2025 21:13:18 -0400 Subject: [PATCH 40/52] Update PR tests for v2 projects --- .../prViewPreviewWithMetadataByNumber.json | 27 +++++++++++++++++++ pkg/cmd/pr/view/view_test.go | 4 +-- 2 files changed, 29 insertions(+), 2 deletions(-) diff --git a/pkg/cmd/pr/view/fixtures/prViewPreviewWithMetadataByNumber.json b/pkg/cmd/pr/view/fixtures/prViewPreviewWithMetadataByNumber.json index be4a7713dbb..194574ba94d 100644 --- a/pkg/cmd/pr/view/fixtures/prViewPreviewWithMetadataByNumber.json +++ b/pkg/cmd/pr/view/fixtures/prViewPreviewWithMetadataByNumber.json @@ -54,6 +54,33 @@ ], "totalcount": 5 }, + "projectitems": { + "totalCount": 2, + "nodes": [ + { + "id": "NO_STATUS_ITEM", + "project": { + "id": "PROJECT1", + "title": "v2 Project 1" + }, + "status": { + "optionId": "", + "name": "" + } + }, + { + "id": "DONE_STATUS_ITEM", + "project": { + "id": "PROJECT2", + "title": "v2 Project 2" + }, + "status": { + "optionId": "PROJECTITEMFIELD1", + "name": "Done" + } + } + ] + }, "projectcards": { "nodes": [ { diff --git a/pkg/cmd/pr/view/view_test.go b/pkg/cmd/pr/view/view_test.go index 35f7fa5136c..38b2a50477f 100644 --- a/pkg/cmd/pr/view/view_test.go +++ b/pkg/cmd/pr/view/view_test.go @@ -286,7 +286,7 @@ func TestPRView_Preview_nontty(t *testing.T) { `reviewers:\t1 \(Requested\)\n`, `assignees:\tmarseilles, monaco\n`, `labels:\tClosed: Duplicate, Closed: Won't Fix, help wanted, Status: In Progress, Type: Bug\n`, - `projects:\tProject 1 \(column A\), Project 2 \(column B\), Project 3 \(column C\), Project 4 \(Awaiting triage\)\n`, + `projects:\tv2 Project 1 \(No Status\), v2 Project 2 \(Done\), Project 1 \(column A\), Project 2 \(column B\), Project 3 \(column C\), Project 4 \(Awaiting triage\)\n`, `milestone:\tuluru\n`, `\*\*blueberries taste good\*\*`, }, @@ -457,7 +457,7 @@ func TestPRView_Preview(t *testing.T) { `Reviewers:.*1 \(.*Requested.*\)\n`, `Assignees:.*marseilles, monaco\n`, `Labels:.*Closed: Duplicate, Closed: Won't Fix, help wanted, Status: In Progress, Type: Bug\n`, - `Projects:.*Project 1 \(column A\), Project 2 \(column B\), Project 3 \(column C\), Project 4 \(Awaiting triage\)\n`, + `Projects:.*v2 Project 1 \(No Status\), v2 Project 2 \(Done\), Project 1 \(column A\), Project 2 \(column B\), Project 3 \(column C\), Project 4 \(Awaiting triage\)\n`, `Milestone:.*uluru\n`, `blueberries taste good`, `View this pull request on GitHub: https://github.com/OWNER/REPO/pull/12`, From d10251211c66a592c671b2471682b58b1d76d3dc Mon Sep 17 00:00:00 2001 From: Andy Feller Date: Tue, 12 Aug 2025 21:18:47 -0400 Subject: [PATCH 41/52] Update feature_detection.go --- internal/featuredetection/feature_detection.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/internal/featuredetection/feature_detection.go b/internal/featuredetection/feature_detection.go index 702b9619fd9..c61f47aeb93 100644 --- a/internal/featuredetection/feature_detection.go +++ b/internal/featuredetection/feature_detection.go @@ -211,8 +211,6 @@ const ( ) func (d *detector) ProjectsV1() gh.ProjectsV1Support { - // Currently, projects v1 support is entirely dependent on the host. As this is deprecated in GHES, - // we will do feature detection on whether the GHES version has support. if !ghauth.IsEnterprise(d.host) { return gh.ProjectsV1Unsupported } From 2d9cf8469018a0f3efa33694954b7d093208d473 Mon Sep 17 00:00:00 2001 From: ejahnGithub Date: Wed, 13 Aug 2025 11:23:06 -0400 Subject: [PATCH 42/52] replace /git/refs/tags/ to /git/ref/tags/ --- pkg/cmd/release/shared/fetch.go | 13 ++++--------- pkg/cmd/release/shared/fetch_test.go | 2 +- 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/pkg/cmd/release/shared/fetch.go b/pkg/cmd/release/shared/fetch.go index 620372eea1f..e1f155d046b 100644 --- a/pkg/cmd/release/shared/fetch.go +++ b/pkg/cmd/release/shared/fetch.go @@ -136,7 +136,7 @@ type fetchResult struct { } func FetchRefSHA(ctx context.Context, httpClient *http.Client, repo ghrepo.Interface, tagName string) (string, error) { - path := fmt.Sprintf("repos/%s/%s/git/refs/tags/%s", repo.RepoOwner(), repo.RepoName(), tagName) + path := fmt.Sprintf("repos/%s/%s/git/ref/tags/%s", repo.RepoOwner(), repo.RepoName(), tagName) req, err := http.NewRequestWithContext(ctx, "GET", ghinstance.RESTPrefix(repo.RepoHost())+path, nil) if err != nil { return "", err @@ -159,17 +159,12 @@ func FetchRefSHA(ctx context.Context, httpClient *http.Client, repo ghrepo.Inter var ref struct { Object struct { - SHA string `json:"sha,omitempty"` + SHA string `json:"sha"` } `json:"object"` } if err := json.NewDecoder(resp.Body).Decode(&ref); err != nil { - return "", fmt.Errorf("failed to parse Git ref response: %w", err) - } - - // Check if SHA is empty after successful JSON parsing - if ref.Object.SHA == "" { - return "", ErrReleaseNotFound + return "", fmt.Errorf("failed to parse ref response: %w", err) } return ref.Object.SHA, nil @@ -292,7 +287,7 @@ func StubFetchRelease(t *testing.T, reg *httpmock.Registry, owner, repoName, tag } func StubFetchRefSHA(t *testing.T, reg *httpmock.Registry, owner, repoName, tagName, sha string) { - path := fmt.Sprintf("repos/%s/%s/git/refs/tags/%s", owner, repoName, tagName) + path := fmt.Sprintf("repos/%s/%s/git/ref/tags/%s", owner, repoName, tagName) reg.Register( httpmock.REST("GET", path), httpmock.StringResponse(fmt.Sprintf(`{"object": {"sha": "%s"}}`, sha)), diff --git a/pkg/cmd/release/shared/fetch_test.go b/pkg/cmd/release/shared/fetch_test.go index 1cbf414f23d..f18d34dbc1c 100644 --- a/pkg/cmd/release/shared/fetch_test.go +++ b/pkg/cmd/release/shared/fetch_test.go @@ -79,7 +79,7 @@ func TestFetchRefSHA(t *testing.T) { repo, err := ghrepo.FromFullName("owner/repo") require.NoError(t, err) - path := "repos/owner/repo/git/refs/tags/" + tt.tagName + path := "repos/owner/repo/git/ref/tags/" + tt.tagName if tt.responseStatus == 404 { fakeHTTP.Register(httpmock.REST("GET", path), httpmock.StatusStringResponse(404, "Not Found")) } else { From c4d14044c7f73827d09d28981108b87bbf770b39 Mon Sep 17 00:00:00 2001 From: ejahnGithub Date: Wed, 13 Aug 2025 14:42:50 -0400 Subject: [PATCH 43/52] udpate the test --- pkg/cmd/release/shared/fetch_test.go | 83 +++++++++++++--------------- 1 file changed, 37 insertions(+), 46 deletions(-) diff --git a/pkg/cmd/release/shared/fetch_test.go b/pkg/cmd/release/shared/fetch_test.go index f18d34dbc1c..9b4e5df8083 100644 --- a/pkg/cmd/release/shared/fetch_test.go +++ b/pkg/cmd/release/shared/fetch_test.go @@ -5,6 +5,8 @@ import ( "net/http" "testing" + "github.com/cli/go-gh/v2/pkg/api" + "github.com/cli/cli/v2/internal/ghrepo" "github.com/cli/cli/v2/pkg/httpmock" "github.com/stretchr/testify/assert" @@ -13,61 +15,41 @@ import ( func TestFetchRefSHA(t *testing.T) { tests := []struct { - name string - tagName string - responseStatus int - responseBody string - expectedSHA string - errorMessage string + name string + tagName string + responseStatus int + responseBody string + responseMessage string + expectedSHA string + errorMessage string }{ { - name: "full semver tag", + name: "match (200)", tagName: "v1.2.3", responseStatus: 200, responseBody: `{"object": {"sha": "1234567890abcdef1234567890abcdef12345678"}}`, expectedSHA: "1234567890abcdef1234567890abcdef12345678", }, { - name: "partial semver - major only", - tagName: "v1", - responseStatus: 200, - responseBody: `{"object": {"sha": "abcdef1234567890abcdef1234567890abcdef12"}}`, - expectedSHA: "abcdef1234567890abcdef1234567890abcdef12", - }, - { - name: "partial semver - major.minor", - tagName: "v1.2", - responseStatus: 200, - responseBody: `{"object": {"sha": "fedcba0987654321fedcba0987654321fedcba09"}}`, - expectedSHA: "fedcba0987654321fedcba0987654321fedcba09", - }, - { - name: "prerelease tag", - tagName: "v1.2.3-alpha.1", - responseStatus: 200, - responseBody: `{"object": {"sha": "9876543210fedcba9876543210fedcba98765432"}}`, - expectedSHA: "9876543210fedcba9876543210fedcba98765432", - }, - { - name: "tag not found", - tagName: "v99.99.99", - responseStatus: 404, - responseBody: ``, - errorMessage: "release not found", + name: "non-match (404)", + tagName: "v1.2.3", + responseStatus: 404, + responseMessage: `Not found`, + errorMessage: "release not found", }, { - name: "empty response body with 200 status", - tagName: "v1.0.0", - responseStatus: 200, - responseBody: `{}`, - errorMessage: "release not found", + name: "server error (500)", + tagName: "v1.2.3", + responseStatus: 500, + responseMessage: `arbitrary error"`, + errorMessage: "HTTP 500: arbitrary error\" (https://api.github.com/repos/owner/repo/git/ref/tags/v1.2.3)", }, { - name: "malformed JSON response", - tagName: "v1.0.0", + name: "malformed JSON with 200", + tagName: "v1.2.3", responseStatus: 200, responseBody: `{"object": {"sha":`, - errorMessage: "failed to parse Git ref response: unexpected EOF", + errorMessage: "failed to parse ref response: unexpected EOF", }, } @@ -80,10 +62,19 @@ func TestFetchRefSHA(t *testing.T) { require.NoError(t, err) path := "repos/owner/repo/git/ref/tags/" + tt.tagName - if tt.responseStatus == 404 { - fakeHTTP.Register(httpmock.REST("GET", path), httpmock.StatusStringResponse(404, "Not Found")) + if tt.responseStatus == 404 || tt.responseStatus == 500 { + fakeHTTP.Register( + httpmock.REST("GET", path), + httpmock.JSONErrorResponse(tt.responseStatus, api.HTTPError{ + StatusCode: tt.responseStatus, + Message: tt.responseMessage, + }), + ) } else { - fakeHTTP.Register(httpmock.REST("GET", path), httpmock.StringResponse(tt.responseBody)) + fakeHTTP.Register( + httpmock.REST("GET", path), + httpmock.StatusStringResponse(tt.responseStatus, tt.responseBody), + ) } httpClient := &http.Client{Transport: fakeHTTP} @@ -92,8 +83,8 @@ func TestFetchRefSHA(t *testing.T) { sha, err := FetchRefSHA(ctx, httpClient, repo, tt.tagName) if tt.errorMessage != "" { - require.Error(t, err) - assert.EqualError(t, err, tt.errorMessage) + assert.Contains(t, err.Error(), tt.errorMessage) + assert.Empty(t, sha) } else { require.NoError(t, err) assert.Equal(t, tt.expectedSHA, sha) From 6710bbc2be41604a2ed66563461333a33b170267 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Aug 2025 15:35:09 +0000 Subject: [PATCH 44/52] chore(deps): bump actions/checkout from 4 to 5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/bump-go.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/deployment.yml | 10 +++++----- .github/workflows/detect-spam.yml | 2 +- .github/workflows/go.yml | 4 ++-- .github/workflows/govulncheck.yml | 2 +- .github/workflows/lint.yml | 4 ++-- .github/workflows/pr-help-wanted.yml | 2 +- .github/workflows/third-party-licenses.yml | 2 +- 9 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/bump-go.yml b/.github/workflows/bump-go.yml index 3358b81aa50..41a1a6a81a1 100644 --- a/.github/workflows/bump-go.yml +++ b/.github/workflows/bump-go.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ac32a67af3a..6d101184fba 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup Go if: matrix.language == 'go' diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml index 29744553b49..1510ac22a63 100644 --- a/.github/workflows/deployment.yml +++ b/.github/workflows/deployment.yml @@ -44,7 +44,7 @@ jobs: if: contains(inputs.platforms, 'linux') steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 with: @@ -79,7 +79,7 @@ jobs: if: contains(inputs.platforms, 'macos') steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 with: @@ -151,7 +151,7 @@ jobs: if: contains(inputs.platforms, 'windows') steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 with: @@ -254,11 +254,11 @@ jobs: if: inputs.release steps: - name: Checkout cli/cli - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Merge built artifacts uses: actions/download-artifact@v5 - name: Checkout documentation site - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: repository: github/cli.github.com path: site diff --git a/.github/workflows/detect-spam.yml b/.github/workflows/detect-spam.yml index 3e8c4a61880..a7d25ae0b73 100644 --- a/.github/workflows/detect-spam.yml +++ b/.github/workflows/detect-spam.yml @@ -14,7 +14,7 @@ jobs: environment: cli-automation steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Run spam detection env: GH_TOKEN: ${{ secrets.AUTOMATION_TOKEN }} diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 7772b381455..41b0ed00db3 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 @@ -45,7 +45,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 diff --git a/.github/workflows/govulncheck.yml b/.github/workflows/govulncheck.yml index abd9c101183..f82df951a77 100644 --- a/.github/workflows/govulncheck.yml +++ b/.github/workflows/govulncheck.yml @@ -10,7 +10,7 @@ jobs: security-events: write steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 5afe6cd2ff7..162c8499b52 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 @@ -51,7 +51,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 diff --git a/.github/workflows/pr-help-wanted.yml b/.github/workflows/pr-help-wanted.yml index 264b7bcf058..a895ecdeb12 100644 --- a/.github/workflows/pr-help-wanted.yml +++ b/.github/workflows/pr-help-wanted.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set PR variables for workflow_dispatch event id: pr-vars-dispatch diff --git a/.github/workflows/third-party-licenses.yml b/.github/workflows/third-party-licenses.yml index 3cdc5858e1d..b57639c897d 100644 --- a/.github/workflows/third-party-licenses.yml +++ b/.github/workflows/third-party-licenses.yml @@ -21,7 +21,7 @@ jobs: contents: write steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: ref: trunk From f781d90ebc01e5262a0f914656f48094a1839e7a Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Thu, 14 Aug 2025 10:15:54 -0600 Subject: [PATCH 45/52] Update Go dependencies to latest versions Bump several dependencies in go.mod and go.sum, including golang.org/x/crypto, golang.org/x/net, golang.org/x/sys, golang.org/x/term, golang.org/x/text, golang.org/x/tools, google.golang.org/protobuf, google.golang.org/genproto/googleapis/rpc, and github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp. This keeps the project up to date with the latest bug fixes and improvements. --- go.mod | 18 +++++++++--------- go.sum | 36 ++++++++++++++++++------------------ 2 files changed, 27 insertions(+), 27 deletions(-) diff --git a/go.mod b/go.mod index bbad9d9953e..ad11dcd73ab 100644 --- a/go.mod +++ b/go.mod @@ -52,12 +52,12 @@ require ( github.com/theupdateframework/go-tuf/v2 v2.1.1 github.com/yuin/goldmark v1.7.12 github.com/zalando/go-keyring v0.2.6 - golang.org/x/crypto v0.40.0 + golang.org/x/crypto v0.41.0 golang.org/x/sync v0.16.0 - golang.org/x/term v0.33.0 - golang.org/x/text v0.27.0 + golang.org/x/term v0.34.0 + golang.org/x/text v0.28.0 google.golang.org/grpc v1.74.2 - google.golang.org/protobuf v1.36.6 + google.golang.org/protobuf v1.36.7 gopkg.in/h2non/gock.v1 v1.1.2 gopkg.in/yaml.v3 v3.0.1 ) @@ -75,7 +75,7 @@ require ( cloud.google.com/go/spanner v1.82.0 // indirect cloud.google.com/go/storage v1.55.0 // indirect dario.cat/mergo v1.0.2 // indirect - github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.2 // indirect + github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.3 // indirect github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.27.0 // indirect github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.53.0 // indirect github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.53.0 // indirect @@ -223,14 +223,14 @@ require ( go.uber.org/zap v1.27.0 // indirect golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b // indirect golang.org/x/mod v0.26.0 // indirect - golang.org/x/net v0.41.0 // indirect + golang.org/x/net v0.43.0 // indirect golang.org/x/oauth2 v0.30.0 // indirect - golang.org/x/sys v0.34.0 // indirect + golang.org/x/sys v0.35.0 // indirect golang.org/x/time v0.12.0 // indirect - golang.org/x/tools v0.34.0 // indirect + golang.org/x/tools v0.35.0 // indirect google.golang.org/api v0.238.0 // indirect google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20250603155806-513f23925822 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20250811230008-5f3141c8851a // indirect k8s.io/klog/v2 v2.130.1 // indirect ) diff --git a/go.sum b/go.sum index 21d4138843f..9fba204f714 100644 --- a/go.sum +++ b/go.sum @@ -645,8 +645,8 @@ github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 h1:oygO0locgZJ github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.2 h1:DBjmt6/otSdULyJdVg2BlG0qGZO5tKL4VzOs0jpvw5Q= -github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.2/go.mod h1:dppbR7CwXD4pgtV9t3wD1812RaLDcBjtblcDF5f1vI0= +github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.3 h1:2afWGsMzkIcN8Qm4mgPJKZWyroE5QBszMiDMYEBrnfw= +github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.3/go.mod h1:dppbR7CwXD4pgtV9t3wD1812RaLDcBjtblcDF5f1vI0= github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.27.0 h1:ErKg/3iS1AKcTkf3yixlZ54f9U1rljCkQyEXWUnIUxc= github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.27.0/go.mod h1:yAZHSGnqScoU556rBOVkwLze6WP5N+U11RHuWaGVxwY= github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.53.0 h1:owcC2UnmsZycprQ5RfRgjydWhuoxg71LUfyiQdijZuM= @@ -1488,8 +1488,8 @@ golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= -golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM= -golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY= +golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4= +golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1617,8 +1617,8 @@ golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= -golang.org/x/net v0.41.0 h1:vBTly1HeNPEn3wtREYfy4GZ/NECgw2Cnl+nK6Nz3uvw= -golang.org/x/net v0.41.0/go.mod h1:B/K4NNqkfmg07DQYrbwvSluqCJOOXwUjeb/5lOisjbA= +golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE= +golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1763,8 +1763,8 @@ golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.34.0 h1:H5Y5sJ2L2JRdyv7ROF1he/lPdvFsd0mJHFw2ThKHxLA= -golang.org/x/sys v0.34.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= +golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -1779,8 +1779,8 @@ golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= -golang.org/x/term v0.33.0 h1:NuFncQrRcaRvVmgRkvM3j/F00gWIAlcmlB8ACEKmGIg= -golang.org/x/term v0.33.0/go.mod h1:s18+ql9tYWp1IfpV9DmCtQDDSRBUjKaw9M1eAv5UeF0= +golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4= +golang.org/x/term v0.34.0/go.mod h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1801,8 +1801,8 @@ golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= -golang.org/x/text v0.27.0 h1:4fGWRpyh641NLlecmyl4LOe6yDdfaYNrGb2zdfo4JV4= -golang.org/x/text v0.27.0/go.mod h1:1D28KMCvyooCX9hBiosv5Tz/+YLxj0j7XhWjpSUF7CU= +golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng= +golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1874,8 +1874,8 @@ golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= -golang.org/x/tools v0.34.0 h1:qIpSLOxeCYGg9TrcJokLBG4KFA6d795g0xkBkiESGlo= -golang.org/x/tools v0.34.0/go.mod h1:pAP9OwEaY1CAW3HOmg3hLZC5Z0CCmzjAF2UQMSqNARg= +golang.org/x/tools v0.35.0 h1:mBffYraMEf7aa0sB+NuKnuCy8qI/9Bughn8dC2Gu5r0= +golang.org/x/tools v0.35.0/go.mod h1:NKdj5HkL/73byiZSJjqJgKn3ep7KjFkBOkR/Hps3VPw= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -2094,8 +2094,8 @@ google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2 h1:1tXaIXCracvtsRx google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2/go.mod h1:49MsLSx0oWMOZqcpB3uL8ZOkAh1+TndpJ8ONoCBWiZk= google.golang.org/genproto/googleapis/api v0.0.0-20250603155806-513f23925822 h1:oWVWY3NzT7KJppx2UKhKmzPq4SRe0LdCijVRwvGeikY= google.golang.org/genproto/googleapis/api v0.0.0-20250603155806-513f23925822/go.mod h1:h3c4v36UTKzUiuaOKQ6gr3S+0hovBtUrXzTG/i3+XEc= -google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 h1:fc6jSaCT0vBduLYZHYrBBNY4dsWuvgyff9noRNDdBeE= -google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250811230008-5f3141c8851a h1:tPE/Kp+x9dMSwUm/uM0JKK0IfdiJkwAbSMSeZBXXJXc= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250811230008-5f3141c8851a/go.mod h1:gw1tLEfykwDz2ET4a12jcXt4couGAm7IwsVaTy0Sflo= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -2157,8 +2157,8 @@ google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= -google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= +google.golang.org/protobuf v1.36.7 h1:IgrO7UwFQGJdRNXH/sQux4R1Dj1WAKcLElzeeRaXV2A= +google.golang.org/protobuf v1.36.7/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= From 79888378d81355eafb8fe04548e50bfdf7c827af Mon Sep 17 00:00:00 2001 From: ejahnGithub Date: Thu, 14 Aug 2025 14:00:55 -0400 Subject: [PATCH 46/52] Hidden trusted root flag for release verify --- pkg/cmd/release/shared/attestation.go | 8 +++++--- pkg/cmd/release/verify-asset/verify_asset.go | 10 +++++++--- pkg/cmd/release/verify/verify.go | 16 ++++++++++------ 3 files changed, 22 insertions(+), 12 deletions(-) diff --git a/pkg/cmd/release/shared/attestation.go b/pkg/cmd/release/shared/attestation.go index b4490373b6f..29b804533be 100644 --- a/pkg/cmd/release/shared/attestation.go +++ b/pkg/cmd/release/shared/attestation.go @@ -25,9 +25,10 @@ type Verifier interface { } type AttestationVerifier struct { - AttClient api.Client - HttpClient *http.Client - IO *iostreams.IOStreams + AttClient api.Client + HttpClient *http.Client + IO *iostreams.IOStreams + TrustedRoot string } func (v *AttestationVerifier) VerifyAttestation(art *artifact.DigestedArtifact, att *api.Attestation) (*verification.AttestationProcessingResult, error) { @@ -41,6 +42,7 @@ func (v *AttestationVerifier) VerifyAttestation(art *artifact.DigestedArtifact, Logger: att_io.NewHandler(v.IO), NoPublicGood: true, TrustDomain: td, + TrustedRoot: v.TrustedRoot, }) if err != nil { return nil, err diff --git a/pkg/cmd/release/verify-asset/verify_asset.go b/pkg/cmd/release/verify-asset/verify_asset.go index 2b66f35023a..4af1483addb 100644 --- a/pkg/cmd/release/verify-asset/verify_asset.go +++ b/pkg/cmd/release/verify-asset/verify_asset.go @@ -24,6 +24,7 @@ type VerifyAssetOptions struct { BaseRepo ghrepo.Interface Exporter cmdutil.Exporter AssetFilePath string + TrustedRoot string } type VerifyAssetConfig struct { @@ -93,9 +94,10 @@ func NewCmdVerifyAsset(f *cmdutil.Factory, runF func(*VerifyAssetConfig) error) attClient := api.NewLiveClient(httpClient, baseRepo.RepoHost(), att_io.NewHandler(io)) attVerifier := &shared.AttestationVerifier{ - AttClient: attClient, - HttpClient: httpClient, - IO: io, + AttClient: attClient, + HttpClient: httpClient, + IO: io, + TrustedRoot: opts.TrustedRoot, } config := &VerifyAssetConfig{ @@ -114,6 +116,8 @@ func NewCmdVerifyAsset(f *cmdutil.Factory, runF func(*VerifyAssetConfig) error) }, } cmdutil.AddFormatFlags(cmd, &opts.Exporter) + cmd.Flags().StringVarP(&opts.TrustedRoot, "custom-trusted-root", "", "", "Path to a trusted_root.jsonl file; likely for offline verification") + cmd.Flags().MarkHidden("custom-trusted-root") return cmd } diff --git a/pkg/cmd/release/verify/verify.go b/pkg/cmd/release/verify/verify.go index 8c04fe6827d..ca09f13779d 100644 --- a/pkg/cmd/release/verify/verify.go +++ b/pkg/cmd/release/verify/verify.go @@ -23,9 +23,10 @@ import ( ) type VerifyOptions struct { - TagName string - BaseRepo ghrepo.Interface - Exporter cmdutil.Exporter + TagName string + BaseRepo ghrepo.Interface + Exporter cmdutil.Exporter + TrustedRoot string } type VerifyConfig struct { @@ -87,9 +88,10 @@ func NewCmdVerify(f *cmdutil.Factory, runF func(config *VerifyConfig) error) *co attClient := api.NewLiveClient(httpClient, baseRepo.RepoHost(), att_io.NewHandler(io)) attVerifier := &shared.AttestationVerifier{ - AttClient: attClient, - HttpClient: httpClient, - IO: io, + AttClient: attClient, + HttpClient: httpClient, + IO: io, + TrustedRoot: opts.TrustedRoot, } config := &VerifyConfig{ @@ -107,6 +109,8 @@ func NewCmdVerify(f *cmdutil.Factory, runF func(config *VerifyConfig) error) *co }, } cmdutil.AddFormatFlags(cmd, &opts.Exporter) + cmd.Flags().StringVarP(&opts.TrustedRoot, "custom-trusted-root", "", "", "Path to a trusted_root.jsonl file; likely for offline verification") + cmd.Flags().MarkHidden("custom-trusted-root") return cmd } From e23c9d087d244a9d5b9bc18b9faf5bb4a1c7fa39 Mon Sep 17 00:00:00 2001 From: Eugene <108841108+ejahnGithub@users.noreply.github.com> Date: Thu, 14 Aug 2025 16:08:37 -0400 Subject: [PATCH 47/52] Update pkg/cmd/release/verify-asset/verify_asset.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- pkg/cmd/release/verify-asset/verify_asset.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/cmd/release/verify-asset/verify_asset.go b/pkg/cmd/release/verify-asset/verify_asset.go index 4af1483addb..700136ca598 100644 --- a/pkg/cmd/release/verify-asset/verify_asset.go +++ b/pkg/cmd/release/verify-asset/verify_asset.go @@ -116,7 +116,7 @@ func NewCmdVerifyAsset(f *cmdutil.Factory, runF func(*VerifyAssetConfig) error) }, } cmdutil.AddFormatFlags(cmd, &opts.Exporter) - cmd.Flags().StringVarP(&opts.TrustedRoot, "custom-trusted-root", "", "", "Path to a trusted_root.jsonl file; likely for offline verification") + cmd.Flags().StringVarP(&opts.TrustedRoot, "custom-trusted-root", "", "", "Path to a trusted_root.jsonl file; likely for offline verification.") cmd.Flags().MarkHidden("custom-trusted-root") return cmd From 7316ddc57d14749bf8b10d267b9f7852036c9b58 Mon Sep 17 00:00:00 2001 From: Eugene <108841108+ejahnGithub@users.noreply.github.com> Date: Thu, 14 Aug 2025 16:08:44 -0400 Subject: [PATCH 48/52] Update pkg/cmd/release/verify/verify.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- pkg/cmd/release/verify/verify.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/cmd/release/verify/verify.go b/pkg/cmd/release/verify/verify.go index ca09f13779d..d71c77c0a04 100644 --- a/pkg/cmd/release/verify/verify.go +++ b/pkg/cmd/release/verify/verify.go @@ -109,7 +109,7 @@ func NewCmdVerify(f *cmdutil.Factory, runF func(config *VerifyConfig) error) *co }, } cmdutil.AddFormatFlags(cmd, &opts.Exporter) - cmd.Flags().StringVarP(&opts.TrustedRoot, "custom-trusted-root", "", "", "Path to a trusted_root.jsonl file; likely for offline verification") + cmd.Flags().StringVarP(&opts.TrustedRoot, "custom-trusted-root", "", "", "Path to a trusted_root.jsonl file; likely for offline verification.") cmd.Flags().MarkHidden("custom-trusted-root") return cmd From 4fad0b42bcfe45f2d35f71328644ce3a6c973655 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 19 Aug 2025 21:21:19 +0000 Subject: [PATCH 49/52] chore(deps): bump github.com/cli/go-gh/v2 from 2.12.1 to 2.12.2 Bumps [github.com/cli/go-gh/v2](https://github.com/cli/go-gh) from 2.12.1 to 2.12.2. - [Release notes](https://github.com/cli/go-gh/releases) - [Commits](https://github.com/cli/go-gh/compare/v2.12.1...v2.12.2) --- updated-dependencies: - dependency-name: github.com/cli/go-gh/v2 dependency-version: 2.12.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index c506bed7f14..6e9a06ecc41 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/charmbracelet/glamour v0.10.0 github.com/charmbracelet/huh v0.7.0 github.com/charmbracelet/lipgloss v1.1.1-0.20250404203927-76690c660834 - github.com/cli/go-gh/v2 v2.12.1 + github.com/cli/go-gh/v2 v2.12.2 github.com/cli/go-internal v0.0.0-20241025142207-6c48bcd5ce24 github.com/cli/oauth v1.2.0 github.com/cli/safeexec v1.0.1 diff --git a/go.sum b/go.sum index 4ce7ba42631..7ccd3ade89f 100644 --- a/go.sum +++ b/go.sum @@ -784,8 +784,8 @@ github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMn github.com/cli/browser v1.0.0/go.mod h1:IEWkHYbLjkhtjwwWlwTHW2lGxeS5gezEQBMLTwDHf5Q= github.com/cli/browser v1.3.0 h1:LejqCrpWr+1pRqmEPDGnTZOjsMe7sehifLynZJuqJpo= github.com/cli/browser v1.3.0/go.mod h1:HH8s+fOAxjhQoBUAsKuPCbqUuxZDhQ2/aD+SzsEfBTk= -github.com/cli/go-gh/v2 v2.12.1 h1:SVt1/afj5FRAythyMV3WJKaUfDNsxXTIe7arZbwTWKA= -github.com/cli/go-gh/v2 v2.12.1/go.mod h1:+5aXmEOJsH9fc9mBHfincDwnS02j2AIA/DsTH0Bk5uw= +github.com/cli/go-gh/v2 v2.12.2 h1:EtocmDAH7dKrH2PscQOQVo7PbFD5G6uYx4rSKY2w1SY= +github.com/cli/go-gh/v2 v2.12.2/go.mod h1:g2IjwHEo27fgItlS9wUbRaXPYurZEXPp1jrxf3piC6g= github.com/cli/go-internal v0.0.0-20241025142207-6c48bcd5ce24 h1:QDrhR4JA2n3ij9YQN0u5ZeuvRIIvsUGmf5yPlTS0w8E= github.com/cli/go-internal v0.0.0-20241025142207-6c48bcd5ce24/go.mod h1:rr9GNING0onuVw8MnracQHn7PcchnFlP882Y0II2KZk= github.com/cli/oauth v1.2.0 h1:9Bb7nWsgi92Xy5Ifa0oKfW6D1+hNAsO6OWSCx7FJdKA= From 5eddf8d52369df321693c5f5131fdd138cd237a6 Mon Sep 17 00:00:00 2001 From: Copilot <198982749+Copilot@users.noreply.github.com> Date: Wed, 20 Aug 2025 11:03:44 -0600 Subject: [PATCH 50/52] Merge pull request #11536 from cli/copilot/fix-11535 Fix `gh repo delete --yes` safety issue when no repository argument provided --- pkg/cmd/repo/delete/delete.go | 12 ++++++++++++ pkg/cmd/repo/delete/delete_test.go | 24 ++++++++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/pkg/cmd/repo/delete/delete.go b/pkg/cmd/repo/delete/delete.go index 96cfe5e95c2..01495387e12 100644 --- a/pkg/cmd/repo/delete/delete.go +++ b/pkg/cmd/repo/delete/delete.go @@ -43,6 +43,10 @@ func NewCmdDelete(f *cmdutil.Factory, runF func(*DeleteOptions) error) *cobra.Co Delete a GitHub repository. With no argument, deletes the current repository. Otherwise, deletes the specified repository. + + For safety, when no repository argument is provided, the %[1]s--yes%[1]s flag is ignored + and you will be prompted for confirmation. To delete the current repository non-interactively, + specify it explicitly (e.g., %[1]sgh repo delete owner/repo --yes%[1]s). Deletion requires authorization with the %[1]sdelete_repo%[1]s scope. To authorize, run %[1]sgh auth refresh -s delete_repo%[1]s @@ -53,6 +57,14 @@ func NewCmdDelete(f *cmdutil.Factory, runF func(*DeleteOptions) error) *cobra.Co opts.RepoArg = args[0] } + // Ignore --yes when no argument provided to prevent accidental deletion + if len(args) == 0 && opts.Confirmed { + if !opts.IO.CanPrompt() { + return cmdutil.FlagErrorf("cannot non-interactively delete current repository. Please specify a repository or run interactively") + } + opts.Confirmed = false + } + if !opts.IO.CanPrompt() && !opts.Confirmed { return cmdutil.FlagErrorf("--yes required when not running interactively") } diff --git a/pkg/cmd/repo/delete/delete_test.go b/pkg/cmd/repo/delete/delete_test.go index b52ac1de9d7..d5070d5aae3 100644 --- a/pkg/cmd/repo/delete/delete_test.go +++ b/pkg/cmd/repo/delete/delete_test.go @@ -48,6 +48,30 @@ func TestNewCmdDelete(t *testing.T) { tty: true, output: DeleteOptions{}, }, + { + name: "yes flag ignored when no argument tty", + tty: true, + input: "--yes", + output: DeleteOptions{Confirmed: false}, // --yes should be ignored + }, + { + name: "yes flag error when no argument notty", + input: "--yes", + wantErr: true, + errMsg: "cannot non-interactively delete current repository. Please specify a repository or run interactively", + }, + { + name: "confirm flag error when no argument notty", + input: "--confirm", + wantErr: true, + errMsg: "cannot non-interactively delete current repository. Please specify a repository or run interactively", + }, + { + name: "confirm flag also ignored when no argument tty", + tty: true, + input: "--confirm", + output: DeleteOptions{Confirmed: false}, // --confirm should also be ignored + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { From 6d183488cc55567d6f2caecc13168b61452b4035 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 21 Aug 2025 11:09:59 -0600 Subject: [PATCH 51/52] chore(deps): bump github.com/go-viper/mapstructure/v2 (#11556) Bumps [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) from 2.3.0 to 2.4.0. - [Release notes](https://github.com/go-viper/mapstructure/releases) - [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md) - [Commits](https://github.com/go-viper/mapstructure/compare/v2.3.0...v2.4.0) --- updated-dependencies: - dependency-name: github.com/go-viper/mapstructure/v2 dependency-version: 2.4.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 6e9a06ecc41..7ca1ae57c37 100644 --- a/go.mod +++ b/go.mod @@ -134,7 +134,7 @@ require ( github.com/go-openapi/strfmt v0.23.0 // indirect github.com/go-openapi/swag v0.23.1 // indirect github.com/go-openapi/validate v0.24.0 // indirect - github.com/go-viper/mapstructure/v2 v2.3.0 // indirect + github.com/go-viper/mapstructure/v2 v2.4.0 // indirect github.com/godbus/dbus/v5 v5.1.0 // indirect github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect github.com/google/certificate-transparency-go v1.3.2 // indirect diff --git a/go.sum b/go.sum index 7ccd3ade89f..eeebd6973c5 100644 --- a/go.sum +++ b/go.sum @@ -940,8 +940,8 @@ github.com/go-sql-driver/mysql v1.9.2 h1:4cNKDYQ1I84SXslGddlsrMhc8k4LeDVj6Ad6WRj github.com/go-sql-driver/mysql v1.9.2/go.mod h1:qn46aNg1333BRMNU69Lq93t8du/dwxI64Gl8i5p1WMU= github.com/go-test/deep v1.1.1 h1:0r/53hagsehfO4bzD2Pgr/+RgHqhmf+k1Bpse2cTu1U= github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= -github.com/go-viper/mapstructure/v2 v2.3.0 h1:27XbWsHIqhbdR5TIC911OfYvgSaW93HM+dX7970Q7jk= -github.com/go-viper/mapstructure/v2 v2.3.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= +github.com/go-viper/mapstructure/v2 v2.4.0 h1:EBsztssimR/CONLSZZ04E8qAkxNYq4Qp9LvH92wZUgs= +github.com/go-viper/mapstructure/v2 v2.4.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk= github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= From d43d7a1bddae4ad44f0ca6aad2cee94aa5614e63 Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Thu, 21 Aug 2025 11:45:56 -0600 Subject: [PATCH 52/52] Update third-party license versions (#11557) Bump several dependency versions in third-party-licenses files for Darwin, Linux, and Windows platforms to reflect updated packages and license links. --- third-party-licenses.darwin.md | 28 ++++++++++++++-------------- third-party-licenses.linux.md | 28 ++++++++++++++-------------- third-party-licenses.windows.md | 28 ++++++++++++++-------------- 3 files changed, 42 insertions(+), 42 deletions(-) diff --git a/third-party-licenses.darwin.md b/third-party-licenses.darwin.md index 8363e70732d..0f84c9ff327 100644 --- a/third-party-licenses.darwin.md +++ b/third-party-licenses.darwin.md @@ -8,7 +8,7 @@ Some packages may only be included on certain architectures or operating systems - [al.essio.dev/pkg/shellescape](https://pkg.go.dev/al.essio.dev/pkg/shellescape) ([MIT](https://github.com/alessio/shellescape/blob/v1.6.0/LICENSE)) -- [cel.dev/expr](https://pkg.go.dev/cel.dev/expr) ([Apache-2.0](https://github.com/google/cel-spec/blob/v0.23.1/LICENSE)) +- [cel.dev/expr](https://pkg.go.dev/cel.dev/expr) ([Apache-2.0](https://github.com/google/cel-spec/blob/v0.24.0/LICENSE)) - [cloud.google.com/go](https://pkg.go.dev/cloud.google.com/go) ([Apache-2.0](https://github.com/googleapis/google-cloud-go/blob/v0.121.1/LICENSE)) - [cloud.google.com/go/auth](https://pkg.go.dev/cloud.google.com/go/auth) ([Apache-2.0](https://github.com/googleapis/google-cloud-go/blob/auth/v0.16.2/auth/LICENSE)) - [cloud.google.com/go/auth/oauth2adapt](https://pkg.go.dev/cloud.google.com/go/auth/oauth2adapt) ([Apache-2.0](https://github.com/googleapis/google-cloud-go/blob/auth/oauth2adapt/v0.2.8/auth/oauth2adapt/LICENSE)) @@ -21,7 +21,7 @@ Some packages may only be included on certain architectures or operating systems - [dario.cat/mergo](https://pkg.go.dev/dario.cat/mergo) ([BSD-3-Clause](https://github.com/imdario/mergo/blob/v1.0.2/LICENSE)) - [github.com/AlecAivazis/survey/v2](https://pkg.go.dev/github.com/AlecAivazis/survey/v2) ([MIT](https://github.com/AlecAivazis/survey/blob/v2.3.7/LICENSE)) - [github.com/AlecAivazis/survey/v2/terminal](https://pkg.go.dev/github.com/AlecAivazis/survey/v2/terminal) ([MIT](https://github.com/AlecAivazis/survey/blob/v2.3.7/terminal/LICENSE.txt)) -- [github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp](https://pkg.go.dev/github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp) ([Apache-2.0](https://github.com/GoogleCloudPlatform/grpc-gcp-go/blob/grpcgcp/v1.5.2/grpcgcp/LICENSE)) +- [github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp](https://pkg.go.dev/github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp) ([Apache-2.0](https://github.com/GoogleCloudPlatform/grpc-gcp-go/blob/grpcgcp/v1.5.3/grpcgcp/LICENSE)) - [github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp](https://pkg.go.dev/github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp) ([Apache-2.0](https://github.com/GoogleCloudPlatform/opentelemetry-operations-go/blob/detectors/gcp/v1.27.0/detectors/gcp/LICENSE)) - [github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric](https://pkg.go.dev/github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric) ([Apache-2.0](https://github.com/GoogleCloudPlatform/opentelemetry-operations-go/blob/exporter/metric/v0.53.0/exporter/metric/LICENSE)) - [github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping](https://pkg.go.dev/github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping) ([Apache-2.0](https://github.com/GoogleCloudPlatform/opentelemetry-operations-go/blob/internal/resourcemapping/v0.53.0/internal/resourcemapping/LICENSE)) @@ -53,11 +53,11 @@ Some packages may only be included on certain architectures or operating systems - [github.com/charmbracelet/x/exp/strings](https://pkg.go.dev/github.com/charmbracelet/x/exp/strings) ([MIT](https://github.com/charmbracelet/x/blob/821143405392/exp/strings/LICENSE)) - [github.com/charmbracelet/x/term](https://pkg.go.dev/github.com/charmbracelet/x/term) ([MIT](https://github.com/charmbracelet/x/blob/term/v0.2.1/term/LICENSE)) - [github.com/cli/browser](https://pkg.go.dev/github.com/cli/browser) ([BSD-2-Clause](https://github.com/cli/browser/blob/v1.3.0/LICENSE)) -- [github.com/cli/go-gh/v2](https://pkg.go.dev/github.com/cli/go-gh/v2) ([MIT](https://github.com/cli/go-gh/blob/v2.12.1/LICENSE)) +- [github.com/cli/go-gh/v2](https://pkg.go.dev/github.com/cli/go-gh/v2) ([MIT](https://github.com/cli/go-gh/blob/v2.12.2/LICENSE)) - [github.com/cli/oauth](https://pkg.go.dev/github.com/cli/oauth) ([MIT](https://github.com/cli/oauth/blob/v1.2.0/LICENSE)) - [github.com/cli/safeexec](https://pkg.go.dev/github.com/cli/safeexec) ([BSD-2-Clause](https://github.com/cli/safeexec/blob/v1.0.1/LICENSE)) - [github.com/cli/shurcooL-graphql](https://pkg.go.dev/github.com/cli/shurcooL-graphql) ([MIT](https://github.com/cli/shurcooL-graphql/blob/v0.0.4/LICENSE)) -- [github.com/cncf/xds/go](https://pkg.go.dev/github.com/cncf/xds/go) ([Apache-2.0](https://github.com/cncf/xds/blob/ae57f3c0d45f/go/LICENSE)) +- [github.com/cncf/xds/go](https://pkg.go.dev/github.com/cncf/xds/go) ([Apache-2.0](https://github.com/cncf/xds/blob/2ac532fd4443/go/LICENSE)) - [github.com/containerd/stargz-snapshotter/estargz](https://pkg.go.dev/github.com/containerd/stargz-snapshotter/estargz) ([Apache-2.0](https://github.com/containerd/stargz-snapshotter/blob/estargz/v0.16.3/estargz/LICENSE)) - [github.com/cpuguy83/go-md2man/v2/md2man](https://pkg.go.dev/github.com/cpuguy83/go-md2man/v2/md2man) ([MIT](https://github.com/cpuguy83/go-md2man/blob/v2.0.7/LICENSE.md)) - [github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer](https://pkg.go.dev/github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer) ([Apache-2.0](https://github.com/cyberphone/json-canonicalization/blob/19d51d7fe467/LICENSE)) @@ -175,7 +175,7 @@ Some packages may only be included on certain architectures or operating systems - [github.com/spf13/afero](https://pkg.go.dev/github.com/spf13/afero) ([Apache-2.0](https://github.com/spf13/afero/blob/v1.14.0/LICENSE.txt)) - [github.com/spf13/cast](https://pkg.go.dev/github.com/spf13/cast) ([MIT](https://github.com/spf13/cast/blob/v1.9.2/LICENSE)) - [github.com/spf13/cobra](https://pkg.go.dev/github.com/spf13/cobra) ([Apache-2.0](https://github.com/spf13/cobra/blob/v1.9.1/LICENSE.txt)) -- [github.com/spf13/pflag](https://pkg.go.dev/github.com/spf13/pflag) ([BSD-3-Clause](https://github.com/spf13/pflag/blob/v1.0.6/LICENSE)) +- [github.com/spf13/pflag](https://pkg.go.dev/github.com/spf13/pflag) ([BSD-3-Clause](https://github.com/spf13/pflag/blob/v1.0.7/LICENSE)) - [github.com/spf13/viper](https://pkg.go.dev/github.com/spf13/viper) ([MIT](https://github.com/spf13/viper/blob/v1.20.1/LICENSE)) - [github.com/spiffe/go-spiffe/v2](https://pkg.go.dev/github.com/spiffe/go-spiffe/v2) ([Apache-2.0](https://github.com/spiffe/go-spiffe/blob/v2.5.0/v2/LICENSE)) - [github.com/stretchr/objx](https://pkg.go.dev/github.com/stretchr/objx) ([MIT](https://github.com/stretchr/objx/blob/v0.5.2/LICENSE)) @@ -190,7 +190,7 @@ Some packages may only be included on certain architectures or operating systems - [github.com/transparency-dev/tessera](https://pkg.go.dev/github.com/transparency-dev/tessera) ([Apache-2.0](https://github.com/transparency-dev/tessera/blob/8ee4e93b2823/LICENSE)) - [github.com/vbatts/tar-split/archive/tar](https://pkg.go.dev/github.com/vbatts/tar-split/archive/tar) ([BSD-3-Clause](https://github.com/vbatts/tar-split/blob/v0.12.1/LICENSE)) - [github.com/xo/terminfo](https://pkg.go.dev/github.com/xo/terminfo) ([MIT](https://github.com/xo/terminfo/blob/abceb7e1c41e/LICENSE)) -- [github.com/yuin/goldmark](https://pkg.go.dev/github.com/yuin/goldmark) ([MIT](https://github.com/yuin/goldmark/blob/v1.7.12/LICENSE)) +- [github.com/yuin/goldmark](https://pkg.go.dev/github.com/yuin/goldmark) ([MIT](https://github.com/yuin/goldmark/blob/v1.7.13/LICENSE)) - [github.com/yuin/goldmark-emoji](https://pkg.go.dev/github.com/yuin/goldmark-emoji) ([MIT](https://github.com/yuin/goldmark-emoji/blob/v1.0.6/LICENSE)) - [github.com/zalando/go-keyring](https://pkg.go.dev/github.com/zalando/go-keyring) ([MIT](https://github.com/zalando/go-keyring/blob/v0.2.6/LICENSE)) - [github.com/zeebo/errs](https://pkg.go.dev/github.com/zeebo/errs) ([MIT](https://github.com/zeebo/errs/blob/v1.4.0/LICENSE)) @@ -207,23 +207,23 @@ Some packages may only be included on certain architectures or operating systems - [go.opentelemetry.io/otel/trace](https://pkg.go.dev/go.opentelemetry.io/otel/trace) ([Apache-2.0](https://github.com/open-telemetry/opentelemetry-go/blob/trace/v1.37.0/trace/LICENSE)) - [go.uber.org/multierr](https://pkg.go.dev/go.uber.org/multierr) ([MIT](https://github.com/uber-go/multierr/blob/v1.11.0/LICENSE.txt)) - [go.uber.org/zap](https://pkg.go.dev/go.uber.org/zap) ([MIT](https://github.com/uber-go/zap/blob/v1.27.0/LICENSE)) -- [golang.org/x/crypto](https://pkg.go.dev/golang.org/x/crypto) ([BSD-3-Clause](https://cs.opensource.google/go/x/crypto/+/v0.40.0:LICENSE)) +- [golang.org/x/crypto](https://pkg.go.dev/golang.org/x/crypto) ([BSD-3-Clause](https://cs.opensource.google/go/x/crypto/+/v0.41.0:LICENSE)) - [golang.org/x/exp](https://pkg.go.dev/golang.org/x/exp) ([BSD-3-Clause](https://cs.opensource.google/go/x/exp/+/b7579e27:LICENSE)) - [golang.org/x/mod](https://pkg.go.dev/golang.org/x/mod) ([BSD-3-Clause](https://cs.opensource.google/go/x/mod/+/v0.26.0:LICENSE)) -- [golang.org/x/net](https://pkg.go.dev/golang.org/x/net) ([BSD-3-Clause](https://cs.opensource.google/go/x/net/+/v0.41.0:LICENSE)) +- [golang.org/x/net](https://pkg.go.dev/golang.org/x/net) ([BSD-3-Clause](https://cs.opensource.google/go/x/net/+/v0.43.0:LICENSE)) - [golang.org/x/oauth2](https://pkg.go.dev/golang.org/x/oauth2) ([BSD-3-Clause](https://cs.opensource.google/go/x/oauth2/+/v0.30.0:LICENSE)) - [golang.org/x/sync](https://pkg.go.dev/golang.org/x/sync) ([BSD-3-Clause](https://cs.opensource.google/go/x/sync/+/v0.16.0:LICENSE)) -- [golang.org/x/sys](https://pkg.go.dev/golang.org/x/sys) ([BSD-3-Clause](https://cs.opensource.google/go/x/sys/+/v0.34.0:LICENSE)) -- [golang.org/x/term](https://pkg.go.dev/golang.org/x/term) ([BSD-3-Clause](https://cs.opensource.google/go/x/term/+/v0.33.0:LICENSE)) -- [golang.org/x/text](https://pkg.go.dev/golang.org/x/text) ([BSD-3-Clause](https://cs.opensource.google/go/x/text/+/v0.27.0:LICENSE)) +- [golang.org/x/sys](https://pkg.go.dev/golang.org/x/sys) ([BSD-3-Clause](https://cs.opensource.google/go/x/sys/+/v0.35.0:LICENSE)) +- [golang.org/x/term](https://pkg.go.dev/golang.org/x/term) ([BSD-3-Clause](https://cs.opensource.google/go/x/term/+/v0.34.0:LICENSE)) +- [golang.org/x/text](https://pkg.go.dev/golang.org/x/text) ([BSD-3-Clause](https://cs.opensource.google/go/x/text/+/v0.28.0:LICENSE)) - [golang.org/x/time/rate](https://pkg.go.dev/golang.org/x/time/rate) ([BSD-3-Clause](https://cs.opensource.google/go/x/time/+/v0.12.0:LICENSE)) - [google.golang.org/api](https://pkg.go.dev/google.golang.org/api) ([BSD-3-Clause](https://github.com/googleapis/google-api-go-client/blob/v0.238.0/LICENSE)) - [google.golang.org/api/internal/third_party/uritemplates](https://pkg.go.dev/google.golang.org/api/internal/third_party/uritemplates) ([BSD-3-Clause](https://github.com/googleapis/google-api-go-client/blob/v0.238.0/internal/third_party/uritemplates/LICENSE)) - [google.golang.org/genproto/googleapis/api](https://pkg.go.dev/google.golang.org/genproto/googleapis/api) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/513f23925822/googleapis/api/LICENSE)) -- [google.golang.org/genproto/googleapis/rpc](https://pkg.go.dev/google.golang.org/genproto/googleapis/rpc) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/513f23925822/googleapis/rpc/LICENSE)) +- [google.golang.org/genproto/googleapis/rpc](https://pkg.go.dev/google.golang.org/genproto/googleapis/rpc) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/5f3141c8851a/googleapis/rpc/LICENSE)) - [google.golang.org/genproto/googleapis/type](https://pkg.go.dev/google.golang.org/genproto/googleapis/type) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/f936aa4a68b2/LICENSE)) -- [google.golang.org/grpc](https://pkg.go.dev/google.golang.org/grpc) ([Apache-2.0](https://github.com/grpc/grpc-go/blob/v1.73.0/LICENSE)) -- [google.golang.org/protobuf](https://pkg.go.dev/google.golang.org/protobuf) ([BSD-3-Clause](https://github.com/protocolbuffers/protobuf-go/blob/v1.36.6/LICENSE)) +- [google.golang.org/grpc](https://pkg.go.dev/google.golang.org/grpc) ([Apache-2.0](https://github.com/grpc/grpc-go/blob/v1.74.2/LICENSE)) +- [google.golang.org/protobuf](https://pkg.go.dev/google.golang.org/protobuf) ([BSD-3-Clause](https://github.com/protocolbuffers/protobuf-go/blob/v1.36.7/LICENSE)) - [gopkg.in/yaml.v3](https://pkg.go.dev/gopkg.in/yaml.v3) ([MIT](https://github.com/go-yaml/yaml/blob/v3.0.1/LICENSE)) - [k8s.io/klog/v2](https://pkg.go.dev/k8s.io/klog/v2) ([Apache-2.0](https://github.com/kubernetes/klog/blob/v2.130.1/LICENSE)) diff --git a/third-party-licenses.linux.md b/third-party-licenses.linux.md index 7ff263290f3..3281ddfe18f 100644 --- a/third-party-licenses.linux.md +++ b/third-party-licenses.linux.md @@ -7,7 +7,7 @@ The following open source dependencies are used to build the [cli/cli][] GitHub Some packages may only be included on certain architectures or operating systems. -- [cel.dev/expr](https://pkg.go.dev/cel.dev/expr) ([Apache-2.0](https://github.com/google/cel-spec/blob/v0.23.1/LICENSE)) +- [cel.dev/expr](https://pkg.go.dev/cel.dev/expr) ([Apache-2.0](https://github.com/google/cel-spec/blob/v0.24.0/LICENSE)) - [cloud.google.com/go](https://pkg.go.dev/cloud.google.com/go) ([Apache-2.0](https://github.com/googleapis/google-cloud-go/blob/v0.121.1/LICENSE)) - [cloud.google.com/go/auth](https://pkg.go.dev/cloud.google.com/go/auth) ([Apache-2.0](https://github.com/googleapis/google-cloud-go/blob/auth/v0.16.2/auth/LICENSE)) - [cloud.google.com/go/auth/oauth2adapt](https://pkg.go.dev/cloud.google.com/go/auth/oauth2adapt) ([Apache-2.0](https://github.com/googleapis/google-cloud-go/blob/auth/oauth2adapt/v0.2.8/auth/oauth2adapt/LICENSE)) @@ -20,7 +20,7 @@ Some packages may only be included on certain architectures or operating systems - [dario.cat/mergo](https://pkg.go.dev/dario.cat/mergo) ([BSD-3-Clause](https://github.com/imdario/mergo/blob/v1.0.2/LICENSE)) - [github.com/AlecAivazis/survey/v2](https://pkg.go.dev/github.com/AlecAivazis/survey/v2) ([MIT](https://github.com/AlecAivazis/survey/blob/v2.3.7/LICENSE)) - [github.com/AlecAivazis/survey/v2/terminal](https://pkg.go.dev/github.com/AlecAivazis/survey/v2/terminal) ([MIT](https://github.com/AlecAivazis/survey/blob/v2.3.7/terminal/LICENSE.txt)) -- [github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp](https://pkg.go.dev/github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp) ([Apache-2.0](https://github.com/GoogleCloudPlatform/grpc-gcp-go/blob/grpcgcp/v1.5.2/grpcgcp/LICENSE)) +- [github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp](https://pkg.go.dev/github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp) ([Apache-2.0](https://github.com/GoogleCloudPlatform/grpc-gcp-go/blob/grpcgcp/v1.5.3/grpcgcp/LICENSE)) - [github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp](https://pkg.go.dev/github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp) ([Apache-2.0](https://github.com/GoogleCloudPlatform/opentelemetry-operations-go/blob/detectors/gcp/v1.27.0/detectors/gcp/LICENSE)) - [github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric](https://pkg.go.dev/github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric) ([Apache-2.0](https://github.com/GoogleCloudPlatform/opentelemetry-operations-go/blob/exporter/metric/v0.53.0/exporter/metric/LICENSE)) - [github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping](https://pkg.go.dev/github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping) ([Apache-2.0](https://github.com/GoogleCloudPlatform/opentelemetry-operations-go/blob/internal/resourcemapping/v0.53.0/internal/resourcemapping/LICENSE)) @@ -52,11 +52,11 @@ Some packages may only be included on certain architectures or operating systems - [github.com/charmbracelet/x/exp/strings](https://pkg.go.dev/github.com/charmbracelet/x/exp/strings) ([MIT](https://github.com/charmbracelet/x/blob/821143405392/exp/strings/LICENSE)) - [github.com/charmbracelet/x/term](https://pkg.go.dev/github.com/charmbracelet/x/term) ([MIT](https://github.com/charmbracelet/x/blob/term/v0.2.1/term/LICENSE)) - [github.com/cli/browser](https://pkg.go.dev/github.com/cli/browser) ([BSD-2-Clause](https://github.com/cli/browser/blob/v1.3.0/LICENSE)) -- [github.com/cli/go-gh/v2](https://pkg.go.dev/github.com/cli/go-gh/v2) ([MIT](https://github.com/cli/go-gh/blob/v2.12.1/LICENSE)) +- [github.com/cli/go-gh/v2](https://pkg.go.dev/github.com/cli/go-gh/v2) ([MIT](https://github.com/cli/go-gh/blob/v2.12.2/LICENSE)) - [github.com/cli/oauth](https://pkg.go.dev/github.com/cli/oauth) ([MIT](https://github.com/cli/oauth/blob/v1.2.0/LICENSE)) - [github.com/cli/safeexec](https://pkg.go.dev/github.com/cli/safeexec) ([BSD-2-Clause](https://github.com/cli/safeexec/blob/v1.0.1/LICENSE)) - [github.com/cli/shurcooL-graphql](https://pkg.go.dev/github.com/cli/shurcooL-graphql) ([MIT](https://github.com/cli/shurcooL-graphql/blob/v0.0.4/LICENSE)) -- [github.com/cncf/xds/go](https://pkg.go.dev/github.com/cncf/xds/go) ([Apache-2.0](https://github.com/cncf/xds/blob/ae57f3c0d45f/go/LICENSE)) +- [github.com/cncf/xds/go](https://pkg.go.dev/github.com/cncf/xds/go) ([Apache-2.0](https://github.com/cncf/xds/blob/2ac532fd4443/go/LICENSE)) - [github.com/containerd/stargz-snapshotter/estargz](https://pkg.go.dev/github.com/containerd/stargz-snapshotter/estargz) ([Apache-2.0](https://github.com/containerd/stargz-snapshotter/blob/estargz/v0.16.3/estargz/LICENSE)) - [github.com/cpuguy83/go-md2man/v2/md2man](https://pkg.go.dev/github.com/cpuguy83/go-md2man/v2/md2man) ([MIT](https://github.com/cpuguy83/go-md2man/blob/v2.0.7/LICENSE.md)) - [github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer](https://pkg.go.dev/github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer) ([Apache-2.0](https://github.com/cyberphone/json-canonicalization/blob/19d51d7fe467/LICENSE)) @@ -175,7 +175,7 @@ Some packages may only be included on certain architectures or operating systems - [github.com/spf13/afero](https://pkg.go.dev/github.com/spf13/afero) ([Apache-2.0](https://github.com/spf13/afero/blob/v1.14.0/LICENSE.txt)) - [github.com/spf13/cast](https://pkg.go.dev/github.com/spf13/cast) ([MIT](https://github.com/spf13/cast/blob/v1.9.2/LICENSE)) - [github.com/spf13/cobra](https://pkg.go.dev/github.com/spf13/cobra) ([Apache-2.0](https://github.com/spf13/cobra/blob/v1.9.1/LICENSE.txt)) -- [github.com/spf13/pflag](https://pkg.go.dev/github.com/spf13/pflag) ([BSD-3-Clause](https://github.com/spf13/pflag/blob/v1.0.6/LICENSE)) +- [github.com/spf13/pflag](https://pkg.go.dev/github.com/spf13/pflag) ([BSD-3-Clause](https://github.com/spf13/pflag/blob/v1.0.7/LICENSE)) - [github.com/spf13/viper](https://pkg.go.dev/github.com/spf13/viper) ([MIT](https://github.com/spf13/viper/blob/v1.20.1/LICENSE)) - [github.com/spiffe/go-spiffe/v2](https://pkg.go.dev/github.com/spiffe/go-spiffe/v2) ([Apache-2.0](https://github.com/spiffe/go-spiffe/blob/v2.5.0/v2/LICENSE)) - [github.com/stretchr/objx](https://pkg.go.dev/github.com/stretchr/objx) ([MIT](https://github.com/stretchr/objx/blob/v0.5.2/LICENSE)) @@ -190,7 +190,7 @@ Some packages may only be included on certain architectures or operating systems - [github.com/transparency-dev/tessera](https://pkg.go.dev/github.com/transparency-dev/tessera) ([Apache-2.0](https://github.com/transparency-dev/tessera/blob/8ee4e93b2823/LICENSE)) - [github.com/vbatts/tar-split/archive/tar](https://pkg.go.dev/github.com/vbatts/tar-split/archive/tar) ([BSD-3-Clause](https://github.com/vbatts/tar-split/blob/v0.12.1/LICENSE)) - [github.com/xo/terminfo](https://pkg.go.dev/github.com/xo/terminfo) ([MIT](https://github.com/xo/terminfo/blob/abceb7e1c41e/LICENSE)) -- [github.com/yuin/goldmark](https://pkg.go.dev/github.com/yuin/goldmark) ([MIT](https://github.com/yuin/goldmark/blob/v1.7.12/LICENSE)) +- [github.com/yuin/goldmark](https://pkg.go.dev/github.com/yuin/goldmark) ([MIT](https://github.com/yuin/goldmark/blob/v1.7.13/LICENSE)) - [github.com/yuin/goldmark-emoji](https://pkg.go.dev/github.com/yuin/goldmark-emoji) ([MIT](https://github.com/yuin/goldmark-emoji/blob/v1.0.6/LICENSE)) - [github.com/zalando/go-keyring](https://pkg.go.dev/github.com/zalando/go-keyring) ([MIT](https://github.com/zalando/go-keyring/blob/v0.2.6/LICENSE)) - [github.com/zeebo/errs](https://pkg.go.dev/github.com/zeebo/errs) ([MIT](https://github.com/zeebo/errs/blob/v1.4.0/LICENSE)) @@ -207,23 +207,23 @@ Some packages may only be included on certain architectures or operating systems - [go.opentelemetry.io/otel/trace](https://pkg.go.dev/go.opentelemetry.io/otel/trace) ([Apache-2.0](https://github.com/open-telemetry/opentelemetry-go/blob/trace/v1.37.0/trace/LICENSE)) - [go.uber.org/multierr](https://pkg.go.dev/go.uber.org/multierr) ([MIT](https://github.com/uber-go/multierr/blob/v1.11.0/LICENSE.txt)) - [go.uber.org/zap](https://pkg.go.dev/go.uber.org/zap) ([MIT](https://github.com/uber-go/zap/blob/v1.27.0/LICENSE)) -- [golang.org/x/crypto](https://pkg.go.dev/golang.org/x/crypto) ([BSD-3-Clause](https://cs.opensource.google/go/x/crypto/+/v0.40.0:LICENSE)) +- [golang.org/x/crypto](https://pkg.go.dev/golang.org/x/crypto) ([BSD-3-Clause](https://cs.opensource.google/go/x/crypto/+/v0.41.0:LICENSE)) - [golang.org/x/exp](https://pkg.go.dev/golang.org/x/exp) ([BSD-3-Clause](https://cs.opensource.google/go/x/exp/+/b7579e27:LICENSE)) - [golang.org/x/mod](https://pkg.go.dev/golang.org/x/mod) ([BSD-3-Clause](https://cs.opensource.google/go/x/mod/+/v0.26.0:LICENSE)) -- [golang.org/x/net](https://pkg.go.dev/golang.org/x/net) ([BSD-3-Clause](https://cs.opensource.google/go/x/net/+/v0.41.0:LICENSE)) +- [golang.org/x/net](https://pkg.go.dev/golang.org/x/net) ([BSD-3-Clause](https://cs.opensource.google/go/x/net/+/v0.43.0:LICENSE)) - [golang.org/x/oauth2](https://pkg.go.dev/golang.org/x/oauth2) ([BSD-3-Clause](https://cs.opensource.google/go/x/oauth2/+/v0.30.0:LICENSE)) - [golang.org/x/sync](https://pkg.go.dev/golang.org/x/sync) ([BSD-3-Clause](https://cs.opensource.google/go/x/sync/+/v0.16.0:LICENSE)) -- [golang.org/x/sys](https://pkg.go.dev/golang.org/x/sys) ([BSD-3-Clause](https://cs.opensource.google/go/x/sys/+/v0.34.0:LICENSE)) -- [golang.org/x/term](https://pkg.go.dev/golang.org/x/term) ([BSD-3-Clause](https://cs.opensource.google/go/x/term/+/v0.33.0:LICENSE)) -- [golang.org/x/text](https://pkg.go.dev/golang.org/x/text) ([BSD-3-Clause](https://cs.opensource.google/go/x/text/+/v0.27.0:LICENSE)) +- [golang.org/x/sys](https://pkg.go.dev/golang.org/x/sys) ([BSD-3-Clause](https://cs.opensource.google/go/x/sys/+/v0.35.0:LICENSE)) +- [golang.org/x/term](https://pkg.go.dev/golang.org/x/term) ([BSD-3-Clause](https://cs.opensource.google/go/x/term/+/v0.34.0:LICENSE)) +- [golang.org/x/text](https://pkg.go.dev/golang.org/x/text) ([BSD-3-Clause](https://cs.opensource.google/go/x/text/+/v0.28.0:LICENSE)) - [golang.org/x/time/rate](https://pkg.go.dev/golang.org/x/time/rate) ([BSD-3-Clause](https://cs.opensource.google/go/x/time/+/v0.12.0:LICENSE)) - [google.golang.org/api](https://pkg.go.dev/google.golang.org/api) ([BSD-3-Clause](https://github.com/googleapis/google-api-go-client/blob/v0.238.0/LICENSE)) - [google.golang.org/api/internal/third_party/uritemplates](https://pkg.go.dev/google.golang.org/api/internal/third_party/uritemplates) ([BSD-3-Clause](https://github.com/googleapis/google-api-go-client/blob/v0.238.0/internal/third_party/uritemplates/LICENSE)) - [google.golang.org/genproto/googleapis/api](https://pkg.go.dev/google.golang.org/genproto/googleapis/api) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/513f23925822/googleapis/api/LICENSE)) -- [google.golang.org/genproto/googleapis/rpc](https://pkg.go.dev/google.golang.org/genproto/googleapis/rpc) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/513f23925822/googleapis/rpc/LICENSE)) +- [google.golang.org/genproto/googleapis/rpc](https://pkg.go.dev/google.golang.org/genproto/googleapis/rpc) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/5f3141c8851a/googleapis/rpc/LICENSE)) - [google.golang.org/genproto/googleapis/type](https://pkg.go.dev/google.golang.org/genproto/googleapis/type) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/f936aa4a68b2/LICENSE)) -- [google.golang.org/grpc](https://pkg.go.dev/google.golang.org/grpc) ([Apache-2.0](https://github.com/grpc/grpc-go/blob/v1.73.0/LICENSE)) -- [google.golang.org/protobuf](https://pkg.go.dev/google.golang.org/protobuf) ([BSD-3-Clause](https://github.com/protocolbuffers/protobuf-go/blob/v1.36.6/LICENSE)) +- [google.golang.org/grpc](https://pkg.go.dev/google.golang.org/grpc) ([Apache-2.0](https://github.com/grpc/grpc-go/blob/v1.74.2/LICENSE)) +- [google.golang.org/protobuf](https://pkg.go.dev/google.golang.org/protobuf) ([BSD-3-Clause](https://github.com/protocolbuffers/protobuf-go/blob/v1.36.7/LICENSE)) - [gopkg.in/yaml.v3](https://pkg.go.dev/gopkg.in/yaml.v3) ([MIT](https://github.com/go-yaml/yaml/blob/v3.0.1/LICENSE)) - [k8s.io/klog/v2](https://pkg.go.dev/k8s.io/klog/v2) ([Apache-2.0](https://github.com/kubernetes/klog/blob/v2.130.1/LICENSE)) diff --git a/third-party-licenses.windows.md b/third-party-licenses.windows.md index aa2a2d44ed3..52e6d759b82 100644 --- a/third-party-licenses.windows.md +++ b/third-party-licenses.windows.md @@ -7,7 +7,7 @@ The following open source dependencies are used to build the [cli/cli][] GitHub Some packages may only be included on certain architectures or operating systems. -- [cel.dev/expr](https://pkg.go.dev/cel.dev/expr) ([Apache-2.0](https://github.com/google/cel-spec/blob/v0.23.1/LICENSE)) +- [cel.dev/expr](https://pkg.go.dev/cel.dev/expr) ([Apache-2.0](https://github.com/google/cel-spec/blob/v0.24.0/LICENSE)) - [cloud.google.com/go](https://pkg.go.dev/cloud.google.com/go) ([Apache-2.0](https://github.com/googleapis/google-cloud-go/blob/v0.121.1/LICENSE)) - [cloud.google.com/go/auth](https://pkg.go.dev/cloud.google.com/go/auth) ([Apache-2.0](https://github.com/googleapis/google-cloud-go/blob/auth/v0.16.2/auth/LICENSE)) - [cloud.google.com/go/auth/oauth2adapt](https://pkg.go.dev/cloud.google.com/go/auth/oauth2adapt) ([Apache-2.0](https://github.com/googleapis/google-cloud-go/blob/auth/oauth2adapt/v0.2.8/auth/oauth2adapt/LICENSE)) @@ -20,7 +20,7 @@ Some packages may only be included on certain architectures or operating systems - [dario.cat/mergo](https://pkg.go.dev/dario.cat/mergo) ([BSD-3-Clause](https://github.com/imdario/mergo/blob/v1.0.2/LICENSE)) - [github.com/AlecAivazis/survey/v2](https://pkg.go.dev/github.com/AlecAivazis/survey/v2) ([MIT](https://github.com/AlecAivazis/survey/blob/v2.3.7/LICENSE)) - [github.com/AlecAivazis/survey/v2/terminal](https://pkg.go.dev/github.com/AlecAivazis/survey/v2/terminal) ([MIT](https://github.com/AlecAivazis/survey/blob/v2.3.7/terminal/LICENSE.txt)) -- [github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp](https://pkg.go.dev/github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp) ([Apache-2.0](https://github.com/GoogleCloudPlatform/grpc-gcp-go/blob/grpcgcp/v1.5.2/grpcgcp/LICENSE)) +- [github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp](https://pkg.go.dev/github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp) ([Apache-2.0](https://github.com/GoogleCloudPlatform/grpc-gcp-go/blob/grpcgcp/v1.5.3/grpcgcp/LICENSE)) - [github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp](https://pkg.go.dev/github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp) ([Apache-2.0](https://github.com/GoogleCloudPlatform/opentelemetry-operations-go/blob/detectors/gcp/v1.27.0/detectors/gcp/LICENSE)) - [github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric](https://pkg.go.dev/github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric) ([Apache-2.0](https://github.com/GoogleCloudPlatform/opentelemetry-operations-go/blob/exporter/metric/v0.53.0/exporter/metric/LICENSE)) - [github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping](https://pkg.go.dev/github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping) ([Apache-2.0](https://github.com/GoogleCloudPlatform/opentelemetry-operations-go/blob/internal/resourcemapping/v0.53.0/internal/resourcemapping/LICENSE)) @@ -52,11 +52,11 @@ Some packages may only be included on certain architectures or operating systems - [github.com/charmbracelet/x/exp/strings](https://pkg.go.dev/github.com/charmbracelet/x/exp/strings) ([MIT](https://github.com/charmbracelet/x/blob/821143405392/exp/strings/LICENSE)) - [github.com/charmbracelet/x/term](https://pkg.go.dev/github.com/charmbracelet/x/term) ([MIT](https://github.com/charmbracelet/x/blob/term/v0.2.1/term/LICENSE)) - [github.com/cli/browser](https://pkg.go.dev/github.com/cli/browser) ([BSD-2-Clause](https://github.com/cli/browser/blob/v1.3.0/LICENSE)) -- [github.com/cli/go-gh/v2](https://pkg.go.dev/github.com/cli/go-gh/v2) ([MIT](https://github.com/cli/go-gh/blob/v2.12.1/LICENSE)) +- [github.com/cli/go-gh/v2](https://pkg.go.dev/github.com/cli/go-gh/v2) ([MIT](https://github.com/cli/go-gh/blob/v2.12.2/LICENSE)) - [github.com/cli/oauth](https://pkg.go.dev/github.com/cli/oauth) ([MIT](https://github.com/cli/oauth/blob/v1.2.0/LICENSE)) - [github.com/cli/safeexec](https://pkg.go.dev/github.com/cli/safeexec) ([BSD-2-Clause](https://github.com/cli/safeexec/blob/v1.0.1/LICENSE)) - [github.com/cli/shurcooL-graphql](https://pkg.go.dev/github.com/cli/shurcooL-graphql) ([MIT](https://github.com/cli/shurcooL-graphql/blob/v0.0.4/LICENSE)) -- [github.com/cncf/xds/go](https://pkg.go.dev/github.com/cncf/xds/go) ([Apache-2.0](https://github.com/cncf/xds/blob/ae57f3c0d45f/go/LICENSE)) +- [github.com/cncf/xds/go](https://pkg.go.dev/github.com/cncf/xds/go) ([Apache-2.0](https://github.com/cncf/xds/blob/2ac532fd4443/go/LICENSE)) - [github.com/containerd/stargz-snapshotter/estargz](https://pkg.go.dev/github.com/containerd/stargz-snapshotter/estargz) ([Apache-2.0](https://github.com/containerd/stargz-snapshotter/blob/estargz/v0.16.3/estargz/LICENSE)) - [github.com/cpuguy83/go-md2man/v2/md2man](https://pkg.go.dev/github.com/cpuguy83/go-md2man/v2/md2man) ([MIT](https://github.com/cpuguy83/go-md2man/blob/v2.0.7/LICENSE.md)) - [github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer](https://pkg.go.dev/github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer) ([Apache-2.0](https://github.com/cyberphone/json-canonicalization/blob/19d51d7fe467/LICENSE)) @@ -178,7 +178,7 @@ Some packages may only be included on certain architectures or operating systems - [github.com/spf13/afero](https://pkg.go.dev/github.com/spf13/afero) ([Apache-2.0](https://github.com/spf13/afero/blob/v1.14.0/LICENSE.txt)) - [github.com/spf13/cast](https://pkg.go.dev/github.com/spf13/cast) ([MIT](https://github.com/spf13/cast/blob/v1.9.2/LICENSE)) - [github.com/spf13/cobra](https://pkg.go.dev/github.com/spf13/cobra) ([Apache-2.0](https://github.com/spf13/cobra/blob/v1.9.1/LICENSE.txt)) -- [github.com/spf13/pflag](https://pkg.go.dev/github.com/spf13/pflag) ([BSD-3-Clause](https://github.com/spf13/pflag/blob/v1.0.6/LICENSE)) +- [github.com/spf13/pflag](https://pkg.go.dev/github.com/spf13/pflag) ([BSD-3-Clause](https://github.com/spf13/pflag/blob/v1.0.7/LICENSE)) - [github.com/spf13/viper](https://pkg.go.dev/github.com/spf13/viper) ([MIT](https://github.com/spf13/viper/blob/v1.20.1/LICENSE)) - [github.com/spiffe/go-spiffe/v2](https://pkg.go.dev/github.com/spiffe/go-spiffe/v2) ([Apache-2.0](https://github.com/spiffe/go-spiffe/blob/v2.5.0/v2/LICENSE)) - [github.com/stretchr/objx](https://pkg.go.dev/github.com/stretchr/objx) ([MIT](https://github.com/stretchr/objx/blob/v0.5.2/LICENSE)) @@ -193,7 +193,7 @@ Some packages may only be included on certain architectures or operating systems - [github.com/transparency-dev/tessera](https://pkg.go.dev/github.com/transparency-dev/tessera) ([Apache-2.0](https://github.com/transparency-dev/tessera/blob/8ee4e93b2823/LICENSE)) - [github.com/vbatts/tar-split/archive/tar](https://pkg.go.dev/github.com/vbatts/tar-split/archive/tar) ([BSD-3-Clause](https://github.com/vbatts/tar-split/blob/v0.12.1/LICENSE)) - [github.com/xo/terminfo](https://pkg.go.dev/github.com/xo/terminfo) ([MIT](https://github.com/xo/terminfo/blob/abceb7e1c41e/LICENSE)) -- [github.com/yuin/goldmark](https://pkg.go.dev/github.com/yuin/goldmark) ([MIT](https://github.com/yuin/goldmark/blob/v1.7.12/LICENSE)) +- [github.com/yuin/goldmark](https://pkg.go.dev/github.com/yuin/goldmark) ([MIT](https://github.com/yuin/goldmark/blob/v1.7.13/LICENSE)) - [github.com/yuin/goldmark-emoji](https://pkg.go.dev/github.com/yuin/goldmark-emoji) ([MIT](https://github.com/yuin/goldmark-emoji/blob/v1.0.6/LICENSE)) - [github.com/zalando/go-keyring](https://pkg.go.dev/github.com/zalando/go-keyring) ([MIT](https://github.com/zalando/go-keyring/blob/v0.2.6/LICENSE)) - [github.com/zeebo/errs](https://pkg.go.dev/github.com/zeebo/errs) ([MIT](https://github.com/zeebo/errs/blob/v1.4.0/LICENSE)) @@ -210,23 +210,23 @@ Some packages may only be included on certain architectures or operating systems - [go.opentelemetry.io/otel/trace](https://pkg.go.dev/go.opentelemetry.io/otel/trace) ([Apache-2.0](https://github.com/open-telemetry/opentelemetry-go/blob/trace/v1.37.0/trace/LICENSE)) - [go.uber.org/multierr](https://pkg.go.dev/go.uber.org/multierr) ([MIT](https://github.com/uber-go/multierr/blob/v1.11.0/LICENSE.txt)) - [go.uber.org/zap](https://pkg.go.dev/go.uber.org/zap) ([MIT](https://github.com/uber-go/zap/blob/v1.27.0/LICENSE)) -- [golang.org/x/crypto](https://pkg.go.dev/golang.org/x/crypto) ([BSD-3-Clause](https://cs.opensource.google/go/x/crypto/+/v0.40.0:LICENSE)) +- [golang.org/x/crypto](https://pkg.go.dev/golang.org/x/crypto) ([BSD-3-Clause](https://cs.opensource.google/go/x/crypto/+/v0.41.0:LICENSE)) - [golang.org/x/exp](https://pkg.go.dev/golang.org/x/exp) ([BSD-3-Clause](https://cs.opensource.google/go/x/exp/+/b7579e27:LICENSE)) - [golang.org/x/mod](https://pkg.go.dev/golang.org/x/mod) ([BSD-3-Clause](https://cs.opensource.google/go/x/mod/+/v0.26.0:LICENSE)) -- [golang.org/x/net](https://pkg.go.dev/golang.org/x/net) ([BSD-3-Clause](https://cs.opensource.google/go/x/net/+/v0.41.0:LICENSE)) +- [golang.org/x/net](https://pkg.go.dev/golang.org/x/net) ([BSD-3-Clause](https://cs.opensource.google/go/x/net/+/v0.43.0:LICENSE)) - [golang.org/x/oauth2](https://pkg.go.dev/golang.org/x/oauth2) ([BSD-3-Clause](https://cs.opensource.google/go/x/oauth2/+/v0.30.0:LICENSE)) - [golang.org/x/sync](https://pkg.go.dev/golang.org/x/sync) ([BSD-3-Clause](https://cs.opensource.google/go/x/sync/+/v0.16.0:LICENSE)) -- [golang.org/x/sys](https://pkg.go.dev/golang.org/x/sys) ([BSD-3-Clause](https://cs.opensource.google/go/x/sys/+/v0.34.0:LICENSE)) -- [golang.org/x/term](https://pkg.go.dev/golang.org/x/term) ([BSD-3-Clause](https://cs.opensource.google/go/x/term/+/v0.33.0:LICENSE)) -- [golang.org/x/text](https://pkg.go.dev/golang.org/x/text) ([BSD-3-Clause](https://cs.opensource.google/go/x/text/+/v0.27.0:LICENSE)) +- [golang.org/x/sys](https://pkg.go.dev/golang.org/x/sys) ([BSD-3-Clause](https://cs.opensource.google/go/x/sys/+/v0.35.0:LICENSE)) +- [golang.org/x/term](https://pkg.go.dev/golang.org/x/term) ([BSD-3-Clause](https://cs.opensource.google/go/x/term/+/v0.34.0:LICENSE)) +- [golang.org/x/text](https://pkg.go.dev/golang.org/x/text) ([BSD-3-Clause](https://cs.opensource.google/go/x/text/+/v0.28.0:LICENSE)) - [golang.org/x/time/rate](https://pkg.go.dev/golang.org/x/time/rate) ([BSD-3-Clause](https://cs.opensource.google/go/x/time/+/v0.12.0:LICENSE)) - [google.golang.org/api](https://pkg.go.dev/google.golang.org/api) ([BSD-3-Clause](https://github.com/googleapis/google-api-go-client/blob/v0.238.0/LICENSE)) - [google.golang.org/api/internal/third_party/uritemplates](https://pkg.go.dev/google.golang.org/api/internal/third_party/uritemplates) ([BSD-3-Clause](https://github.com/googleapis/google-api-go-client/blob/v0.238.0/internal/third_party/uritemplates/LICENSE)) - [google.golang.org/genproto/googleapis/api](https://pkg.go.dev/google.golang.org/genproto/googleapis/api) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/513f23925822/googleapis/api/LICENSE)) -- [google.golang.org/genproto/googleapis/rpc](https://pkg.go.dev/google.golang.org/genproto/googleapis/rpc) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/513f23925822/googleapis/rpc/LICENSE)) +- [google.golang.org/genproto/googleapis/rpc](https://pkg.go.dev/google.golang.org/genproto/googleapis/rpc) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/5f3141c8851a/googleapis/rpc/LICENSE)) - [google.golang.org/genproto/googleapis/type](https://pkg.go.dev/google.golang.org/genproto/googleapis/type) ([Apache-2.0](https://github.com/googleapis/go-genproto/blob/f936aa4a68b2/LICENSE)) -- [google.golang.org/grpc](https://pkg.go.dev/google.golang.org/grpc) ([Apache-2.0](https://github.com/grpc/grpc-go/blob/v1.73.0/LICENSE)) -- [google.golang.org/protobuf](https://pkg.go.dev/google.golang.org/protobuf) ([BSD-3-Clause](https://github.com/protocolbuffers/protobuf-go/blob/v1.36.6/LICENSE)) +- [google.golang.org/grpc](https://pkg.go.dev/google.golang.org/grpc) ([Apache-2.0](https://github.com/grpc/grpc-go/blob/v1.74.2/LICENSE)) +- [google.golang.org/protobuf](https://pkg.go.dev/google.golang.org/protobuf) ([BSD-3-Clause](https://github.com/protocolbuffers/protobuf-go/blob/v1.36.7/LICENSE)) - [gopkg.in/yaml.v3](https://pkg.go.dev/gopkg.in/yaml.v3) ([MIT](https://github.com/go-yaml/yaml/blob/v3.0.1/LICENSE)) - [k8s.io/klog/v2](https://pkg.go.dev/k8s.io/klog/v2) ([Apache-2.0](https://github.com/kubernetes/klog/blob/v2.130.1/LICENSE))