From 41ce24041435b0cc3b6c6202937174f5b88035a2 Mon Sep 17 00:00:00 2001 From: Or Geva Date: Tue, 12 Sep 2023 09:40:13 +0300 Subject: [PATCH 1/6] Add download links to the release notes (#2100) --- .github/RELEASE_LINK_TEMPLATE.md | 23 +++++++++++++++++++++++ .github/workflows/addReleaseLinks.yml | 27 +++++++++++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100644 .github/RELEASE_LINK_TEMPLATE.md create mode 100644 .github/workflows/addReleaseLinks.yml diff --git a/.github/RELEASE_LINK_TEMPLATE.md b/.github/RELEASE_LINK_TEMPLATE.md new file mode 100644 index 000000000..939f7af9f --- /dev/null +++ b/.github/RELEASE_LINK_TEMPLATE.md @@ -0,0 +1,23 @@ +
+ Downloads JFrog CLI + +### Linux + +[386](https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-linux-386/jf) +[AMD-64](https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-linux-amd64/jf) +[ARM-32](https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-linux-arm/jf) +[ARM-64](https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-linux-arm64/jf) +[PPC-64](https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-linux-ppc64/jf) +[PPC-64-LE](https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-linux-ppc64le/jf) +[S390X](https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-linux-s390x/jf) + +### MacOS + +[AMD-64](https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-mac-386/jf) +[ARM-64](https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-mac-arm64/jf) + +### Windows + +[ARM-64](https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-windows-amd64/jf.exe) + +
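Review bot: The Windows entry is labelled `ARM-64` but links to `jfrog-cli-windows-amd64/jf.exe`, so a user choosing by label is told the wrong architecture; the label should read `[AMD-64]`. The macOS `AMD-64` entry points at `jfrog-cli-mac-386`, which may be the intended path for Intel builds but is worth confirming against the published layout. Because these links lead straight to executables, consider adding a line under each platform heading that tells users where to find the checksum or signature for the release, if one is published.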
diff --git a/.github/workflows/addReleaseLinks.yml b/.github/workflows/addReleaseLinks.yml new file mode 100644 index 000000000..f9ff98486 --- /dev/null +++ b/.github/workflows/addReleaseLinks.yml @@ -0,0 +1,27 @@ +name: Add links on release +on: + release: + types: [created] + +jobs: + add-links-on-release: + name: Add links on release + runs-on: ubuntu-latest + steps: + - name: Check out repository + uses: actions/checkout@v2 + + - name: Create markdown download links + run: | + # Remove the prefix 'v' from version. + RELEASE_VERSION=$(echo "${{ github.event.release.tag_name }}" | sed 's/^v//') + + # Replace the place-holders '{version}' with the actual release version. + sed "s/{version}/$RELEASE_VERSION/g" ./.github/releaseLinkTemplate.md > ./temp_releaseLinkTemplate.md + + - name: Add links to release notes + uses: softprops/action-gh-release@v1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + body_path: "temp_releaseLinkTemplate.md" + append_body: true From 0c805fbdc6ef1b00329713cf6b210be5da55f55e Mon Sep 17 00:00:00 2001 From: Yahav Itzhak Date: Wed, 13 Sep 2023 15:11:33 +0300 Subject: [PATCH 2/6] Improve download scripts (#2202) --- build/getcli/jf.sh | 7 +++---- build/getcli/jfrog.sh | 7 +++---- build/installcli/jf.sh | 7 +++---- build/installcli/jfrog.sh | 7 +++---- build/setupcli/jf.sh | 7 +++---- 5 files changed, 15 insertions(+), 20 deletions(-) diff --git a/build/getcli/jf.sh b/build/getcli/jf.sh index 177e476c8..7b1f5eeff 100644 --- a/build/getcli/jf.sh +++ b/build/getcli/jf.sh @@ -1,7 +1,6 @@ #!/bin/bash CLI_OS="na" -CLI_UNAME="na" CLI_MAJOR_VER="v2-jf" VERSION="[RELEASE]" 
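Review bot: The "Create markdown download links" step expands `${{ github.event.release.tag_name }}` directly into the `run` script, so the tag text becomes part of the shell source before `echo` runs; it should be passed through an `env:` variable and referenced as a quoted shell variable. The same step reads `./.github/releaseLinkTemplate.md`, while this commit adds the template as `.github/RELEASE_LINK_TEMPLATE.md`, so `sed` will not find its input on the runner. Both actions are referenced by mutable tags (`actions/checkout@v2`, `softprops/action-gh-release@v1`); pinning them to a full commit SHA and declaring a job-level `permissions:` block limited to `contents: write` would bound what the `GITHUB_TOKEN` handed to the third-party action can do.

```yaml
- name: Create markdown download links
  env:
    TAG_NAME: ${{ github.event.release.tag_name }}
  run: |
    RELEASE_VERSION="${TAG_NAME#v}"
    sed "s/{version}/$RELEASE_VERSION/g" ./.github/RELEASE_LINK_TEMPLATE.md > ./temp_releaseLinkTemplate.md
# … unchanged: "Add links to release notes" step …
```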
@@ -13,11 +12,11 @@ else echo "Downloading the latest version of JFrog CLI..." fi -if $(echo "${OSTYPE}" | grep -q msys); then +if echo "${OSTYPE}" | grep -q msys; then CLI_OS="windows" URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-windows-amd64/jf.exe" FILE_NAME="jf.exe" -elif $(echo "${OSTYPE}" | grep -q darwin); then +elif echo "${OSTYPE}" | grep -q darwin; then CLI_OS="mac" if [[ $(uname -m) == 'arm64' ]]; then URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-mac-arm64/jf" @@ -52,7 +51,7 @@ else ;; *) echo "Unknown machine type: $MACHINE_TYPE" - exit -1 + exit 1 ;; esac URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-${CLI_OS}-${ARCH}/jf" diff --git a/build/getcli/jfrog.sh b/build/getcli/jfrog.sh index 6f09e17a7..1debb922e 100644 --- a/build/getcli/jfrog.sh +++ b/build/getcli/jfrog.sh @@ -1,7 +1,6 @@ #!/bin/bash CLI_OS="na" -CLI_UNAME="na" CLI_MAJOR_VER="v2" VERSION="[RELEASE]" @@ -13,11 +12,11 @@ else echo "Downloading the latest version of JFrog CLI..." fi -if $(echo "${OSTYPE}" | grep -q msys); then +if echo "${OSTYPE}" | grep -q msys; then CLI_OS="windows" URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-windows-amd64/jfrog.exe" FILE_NAME="jfrog.exe" -elif $(echo "${OSTYPE}" | grep -q darwin); then +elif echo "${OSTYPE}" | grep -q darwin; then CLI_OS="mac" if [[ $(uname -m) == 'arm64' ]]; then URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-mac-arm64/jfrog" @@ -52,7 +51,7 @@ else ;; *) echo "Unknown machine type: $MACHINE_TYPE" - exit -1 + exit 1 ;; esac URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-${CLI_OS}-${ARCH}/jfrog" diff --git a/build/installcli/jf.sh b/build/installcli/jf.sh index 134359c9b..b3a8c5009 100755 --- a/build/installcli/jf.sh +++ b/build/installcli/jf.sh 
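Review bot: The OS checks in this hunk still run a pipeline (`echo "${OSTYPE}" | grep -q msys`) although the script already uses `[[ ... ]]` for the architecture test two lines below; `if [[ "${OSTYPE}" == *msys* ]]; then` and `elif [[ "${OSTYPE}" == *darwin* ]]; then` perform the same match without external commands. The same lines appear in the corresponding hunks of build/getcli/jfrog.sh, build/installcli/jf.sh, build/installcli/jfrog.sh and build/setupcli/jf.sh. In the `Unknown machine type` branch, which now exits with `1`, the message would be better sent to stderr with `echo "Unknown machine type: $MACHINE_TYPE" >&2`. The `if`/`elif` chain continues outside the hunk.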
@@ -1,7 +1,6 @@ #!/bin/bash CLI_OS="na" -CLI_UNAME="na" CLI_MAJOR_VER="v2-jf" VERSION="[RELEASE]" # Order is by destination priority. @@ -16,11 +15,11 @@ else fi echo "" -if $(echo "${OSTYPE}" | grep -q msys); then +if echo "${OSTYPE}" | grep -q msys; then CLI_OS="windows" URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-windows-amd64/jf.exe" FILE_NAME="jf.exe" -elif $(echo "${OSTYPE}" | grep -q darwin); then +elif echo "${OSTYPE}" | grep -q darwin; then CLI_OS="mac" if [[ $(uname -m) == 'arm64' ]]; then URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-mac-arm64/jf" @@ -55,7 +54,7 @@ else ;; *) echo "Unknown machine type: $MACHINE_TYPE" - exit -1 + exit 1 ;; esac URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-${CLI_OS}-${ARCH}/jf" diff --git a/build/installcli/jfrog.sh b/build/installcli/jfrog.sh index a8359af1e..fe1d0695b 100755 --- a/build/installcli/jfrog.sh +++ b/build/installcli/jfrog.sh @@ -1,7 +1,6 @@ #!/bin/bash CLI_OS="na" -CLI_UNAME="na" CLI_MAJOR_VER="v2" VERSION="[RELEASE]" # Order is by destination priority. @@ -16,11 +15,11 @@ else fi echo "" -if $(echo "${OSTYPE}" | grep -q msys); then +if echo "${OSTYPE}" | grep -q msys; then CLI_OS="windows" URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-windows-amd64/jfrog.exe" FILE_NAME="jfrog.exe" -elif $(echo "${OSTYPE}" | grep -q darwin); then +elif echo "${OSTYPE}" | grep -q darwin; then CLI_OS="mac" if [[ $(uname -m) == 'arm64' ]]; then URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-mac-arm64/jfrog" @@ -55,7 +54,7 @@ else ;; *) echo "Unknown machine type: $MACHINE_TYPE" - exit -1 + exit 1 ;; esac URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-${CLI_OS}-${ARCH}/jfrog" 
diff --git a/build/setupcli/jf.sh b/build/setupcli/jf.sh index d8a7493a4..37a70b6fe 100755 --- a/build/setupcli/jf.sh +++ b/build/setupcli/jf.sh @@ -1,7 +1,6 @@ #!/bin/bash CLI_OS="na" -CLI_UNAME="na" CLI_MAJOR_VER="v2-jf" VERSION="[RELEASE]" # Order is by destination priority. @@ -20,11 +19,11 @@ then fi echo "Downloading the latest version of JFrog CLI..." -if $(echo "${OSTYPE}" | grep -q msys); then +if echo "${OSTYPE}" | grep -q msys; then CLI_OS="windows" URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-windows-amd64/jf.exe" FILE_NAME="jf.exe" -elif $(echo "${OSTYPE}" | grep -q darwin); then +elif echo "${OSTYPE}" | grep -q darwin; then CLI_OS="mac" if [[ $(uname -m) == 'arm64' ]]; then URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-mac-arm64/jf" @@ -59,7 +58,7 @@ else ;; *) echo "Unknown machine type: $MACHINE_TYPE" - exit -1 + exit 1 ;; esac URL="https://releases.jfrog.io/artifactory/jfrog-cli/${CLI_MAJOR_VER}/${VERSION}/jfrog-cli-${CLI_OS}-${ARCH}/jf" From 45c1374b464fd1e5402939cab92d6cf92a3bc41d Mon Sep 17 00:00:00 2001 From: Robi Nino Date: Wed, 13 Sep 2023 17:49:58 +0300 Subject: [PATCH 3/6] Rename tokens refresh thresholds (#2203) --- access_test.go | 4 ++-- artifactory_test.go | 4 ++-- go.mod | 4 ++-- go.sum | 8 ++++---- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/access_test.go b/access_test.go index 919eba11c..c0a3d3ff5 100644 --- a/access_test.go +++ b/access_test.go @@ -76,7 +76,7 @@ func TestRefreshableAccessTokens(t *testing.T) { assert.NotEmpty(t, curRefreshToken) // Make the token always refresh. - auth.InviteRefreshBeforeExpiryMinutes = 365 * 24 * 60 + auth.RefreshPlatformTokenBeforeExpiryMinutes = 365 * 24 * 60 // Upload a file and assert tokens were refreshed. uploadedFiles++ 
@@ -90,7 +90,7 @@ func TestRefreshableAccessTokens(t *testing.T) { } // Make the token not refresh. Verify Tokens did not refresh. - auth.InviteRefreshBeforeExpiryMinutes = 0 + auth.RefreshPlatformTokenBeforeExpiryMinutes = 0 uploadedFiles++ err = uploadWithSpecificServerAndVerify(t, artifactoryCommandExecutor, "testdata/a/b/b2.in", uploadedFiles) if !assert.NoError(t, err) { diff --git a/artifactory_test.go b/artifactory_test.go index 390961e66..b00a48d3f 100644 --- a/artifactory_test.go +++ b/artifactory_test.go @@ -5268,7 +5268,7 @@ func TestRefreshableArtifactoryTokens(t *testing.T) { assert.NotEmpty(t, curRefreshToken) // Make the token always refresh. - auth.RefreshBeforeExpiryMinutes = 60 + auth.RefreshArtifactoryTokenBeforeExpiryMinutes = 60 // Upload a file and assert tokens were refreshed. uploadedFiles++ @@ -5312,7 +5312,7 @@ func TestRefreshableArtifactoryTokens(t *testing.T) { } // Make the token not refresh. Verify Tokens did not refresh. - auth.RefreshBeforeExpiryMinutes = 0 + auth.RefreshArtifactoryTokenBeforeExpiryMinutes = 0 uploadedFiles++ err = uploadWithSpecificServerAndVerify(t, artifactoryCommandExecutor, "testdata/a/b/b2.in", uploadedFiles) if err != nil { diff --git a/go.mod b/go.mod index d7e0ceb82..ab8149658 100644 --- a/go.mod +++ b/go.mod 
@@ -125,10 +125,10 @@ require ( // replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230828134416-f0db33dd9344 -// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230907095444-fd00f19be95d +replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230913144425-ca6394308b7d // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog v1.2.6-0.20230418122323-2bf299dd6d27 -// replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20230906115540-2c3c91d271d6 +replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20230913143831-14d189a3280f // replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38 diff --git a/go.sum b/go.sum index 172de0208..4be623d0c 100644 --- a/go.sum +++ b/go.sum 
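Review bot: The two `replace` directives enabled here redirect `github.com/jfrog/jfrog-cli-core/v2` and `github.com/jfrog/jfrog-client-go` to untagged pseudo-versions, so the versions listed in the `require` block are no longer what gets built and audited. A go.mod with active `replace` directives also cannot be installed with `go install module@version`. Each directive should carry a comment such as `// TODO: drop once the token-threshold rename is released upstream`, and both should be removed before a release is tagged. The `require` block begins outside the hunk.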
@@ -239,10 +239,10 @@ github.com/jfrog/build-info-go v1.9.10 h1:uXnDLVxpqxoAMpXcki00QaBB+M2BoGMMpHODPk github.com/jfrog/build-info-go v1.9.10/go.mod h1:ujJ8XQZMdT2tMkLSMJNyDd1pCY+duwHdjV+9or9FLIg= github.com/jfrog/gofrog v1.3.0 h1:o4zgsBZE4QyDbz2M7D4K6fXPTBJht+8lE87mS9bw7Gk= github.com/jfrog/gofrog v1.3.0/go.mod h1:IFMc+V/yf7rA5WZ74CSbXe+Lgf0iApEQLxRZVzKRUR0= -github.com/jfrog/jfrog-cli-core/v2 v2.41.5 h1:+hQs69dXhNrDIDsBlEPcmLgywfkzyKrIsCZtBW486PU= -github.com/jfrog/jfrog-cli-core/v2 v2.41.5/go.mod h1:HCMfdtCy2B81EF8YiQlsfbG3CsLk/VeqoWGNYoSUz8Q= -github.com/jfrog/jfrog-client-go v1.32.1 h1:RQmuPSLsF5222vZJzwkgHSZMMJF83ExS7SwIvh4P+H8= -github.com/jfrog/jfrog-client-go v1.32.1/go.mod h1:362+oa7uTTYurzBs1L0dmUTlLo7uhpAU/pwM5Zb9clg= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230913144425-ca6394308b7d h1:yHq8gNEGJGL/U/GOnIUF/QFLUyQASAez9sh33Gp+Nr4= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230913144425-ca6394308b7d/go.mod h1:o6vmV/IaU/bdjijuIXkllUuQ/SZ7r8PV8fai8+Vu8J4= +github.com/jfrog/jfrog-client-go v1.28.1-0.20230913143831-14d189a3280f h1:QQdwpeVtcbp4prinH2eU7aR76EZVQmA2vvdQPKq5tsg= +github.com/jfrog/jfrog-client-go v1.28.1-0.20230913143831-14d189a3280f/go.mod h1:362+oa7uTTYurzBs1L0dmUTlLo7uhpAU/pwM5Zb9clg= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jszwec/csvutil v1.8.0 h1:G7vS2LGdpZZDH1HmHeNbxOaJ/ZnJlpwGFvOkTkJzzNk= From 1a0e2f5cb41752cfde8979a0ad0fa83fbfd78164 Mon Sep 17 00:00:00 2001 From: Eyal Delarea Date: Wed, 13 Sep 2023 18:32:29 +0300 Subject: [PATCH 4/6] Add Third party contextual analysis flag (#2196) --- go.mod | 2 -- scan/cli.go | 3 ++- utils/cliutils/commandsflags.go | 34 +++++++++++++++++++-------------- 3 files changed, 22 insertions(+), 17 deletions(-) diff --git a/go.mod b/go.mod index ab8149658..a91ace319 100644 --- a/go.mod +++ b/go.mod 
@@ -130,5 +130,3 @@ replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog v1.2.6-0.20230418122323-2bf299dd6d27 replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20230913143831-14d189a3280f - -// replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38 diff --git a/scan/cli.go b/scan/cli.go index 0cb030a7c..33c6df002 100644 --- a/scan/cli.go +++ b/scan/cli.go @@ -258,7 +258,8 @@ func createAuditCmd(c *cli.Context) (*audit.AuditCommand, error) { SetFail(c.BoolT("fail")). SetPrintExtendedTable(c.Bool(cliutils.ExtendedTable)). SetMinSeverityFilter(minSeverity). - SetFixableOnly(c.Bool(cliutils.FixableOnly)) + SetFixableOnly(c.Bool(cliutils.FixableOnly)). + SetThirdPartyApplicabilityScan(c.Bool(cliutils.ThirdPartyContextualAnalysis)) if c.String("watches") != "" { auditCmd.SetWatches(splitByCommaAndTrim(c.String("watches"))) diff --git a/utils/cliutils/commandsflags.go b/utils/cliutils/commandsflags.go index 24bc36d46..4de652c35 100644 --- a/utils/cliutils/commandsflags.go +++ b/utils/cliutils/commandsflags.go 
@@ -458,19 +458,20 @@ const ( BypassArchiveLimits = "bypass-archive-limits" // Audit commands - auditPrefix = "audit-" - useWrapperAudit = auditPrefix + UseWrapper - ExcludeTestDeps = "exclude-test-deps" - DepType = "dep-type" - RequirementsFile = "requirements-file" - watches = "watches" - workingDirs = "working-dirs" - repoPath = "repo-path" - licenses = "licenses" - vuln = "vuln" - ExtendedTable = "extended-table" - MinSeverity = "min-severity" - FixableOnly = "fixable-only" + auditPrefix = "audit-" + useWrapperAudit = auditPrefix + UseWrapper + ExcludeTestDeps = "exclude-test-deps" + DepType = "dep-type" + ThirdPartyContextualAnalysis = "third-party-contextual-analysis" + RequirementsFile = "requirements-file" + watches = "watches" + workingDirs = "working-dirs" + repoPath = "repo-path" + licenses = "licenses" + vuln = "vuln" + ExtendedTable = "extended-table" + MinSeverity = "min-severity" + FixableOnly = "fixable-only" // *** Mission Control Commands' flags *** missionControlPrefix = "mc-" curationThreads = "curation-threads" @@ -1634,6 +1635,11 @@ var flagsMap = map[string]cli.Flag{ Name: dryRun, Usage: "[Default: false] Set to true to only simulate the distribution of the release bundle.` `", }, + ThirdPartyContextualAnalysis: cli.BoolFlag{ + Name: ThirdPartyContextualAnalysis, + Usage: "Default: false] [npm] when set, the Contextual Analysis scan also uses the code of the project dependencies to determine the applicability of the vulnerability.", + Hidden: true, + }, } var commandFlags = map[string][]string{ 
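Review bot: The `Usage` string of the new `ThirdPartyContextualAnalysis` entry begins with `Default: false]`, missing its opening bracket; it should read `Usage: "[Default: false] [npm] when set, the Contextual Analysis scan also uses the code of the project dependencies to determine the applicability of the vulnerability.",` to match the `dryRun` entry just above it. The flag is declared with `Hidden: true`, so a one-line comment above the entry stating why it is hidden, and that enabling it extends the scan to dependency code, would help the next maintainer. The `flagsMap` literal starts outside the hunk.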
@@ -1934,7 +1940,7 @@ var commandFlags = map[string][]string{ }, Audit: { xrUrl, user, password, accessToken, serverId, InsecureTls, project, watches, repoPath, licenses, xrOutput, ExcludeTestDeps, - useWrapperAudit, DepType, RequirementsFile, fail, ExtendedTable, workingDirs, Mvn, Gradle, Npm, Yarn, Go, Nuget, Pip, Pipenv, Poetry, MinSeverity, FixableOnly, + useWrapperAudit, DepType, RequirementsFile, fail, ExtendedTable, workingDirs, Mvn, Gradle, Npm, Yarn, Go, Nuget, Pip, Pipenv, Poetry, MinSeverity, FixableOnly, ThirdPartyContextualAnalysis, }, AuditMvn: { xrUrl, user, password, accessToken, serverId, InsecureTls, project, watches, repoPath, licenses, xrOutput, fail, ExtendedTable, useWrapperAudit, From 9093b589f70dc1b76a546912f65786cb238a7fb7 Mon Sep 17 00:00:00 2001 From: Eyal Delarea Date: Wed, 13 Sep 2023 18:43:10 +0300 Subject: [PATCH 5/6] Update Dependencies (#2205) --- go.mod | 17 +++++------------ go.sum | 28 +++++++++++++--------------- 2 files changed, 18 insertions(+), 27 deletions(-) diff --git a/go.mod b/go.mod index a91ace319..41070195e 100644 --- a/go.mod +++ b/go.mod @@ -5,12 +5,12 @@ go 1.20 require ( github.com/agnivade/levenshtein v1.1.1 github.com/buger/jsonparser v1.1.1 - github.com/go-git/go-git/v5 v5.8.1 + github.com/go-git/go-git/v5 v5.9.0 github.com/gocarina/gocsv v0.0.0-20230616125104-99d496ca653d github.com/jfrog/build-info-go v1.9.10 github.com/jfrog/gofrog v1.3.0 - github.com/jfrog/jfrog-cli-core/v2 v2.41.5 - github.com/jfrog/jfrog-client-go v1.32.1 + github.com/jfrog/jfrog-cli-core/v2 v2.43.0 + github.com/jfrog/jfrog-client-go v1.32.2 github.com/jszwec/csvutil v1.8.0 github.com/mholt/archiver/v3 v3.5.1 github.com/stretchr/testify v1.8.4 
@@ -42,6 +42,7 @@ require ( github.com/containerd/containerd v1.7.3 // indirect github.com/cpuguy83/dockercfg v0.3.1 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect + github.com/cyphar/filepath-securejoin v0.2.4 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/docker/distribution v2.8.2+incompatible // indirect github.com/docker/docker v24.0.5+incompatible // indirect @@ -52,7 +53,7 @@ require ( github.com/forPelevin/gomoji v1.1.8 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect - github.com/go-git/go-billy/v5 v5.4.1 // indirect + github.com/go-git/go-billy/v5 v5.5.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang-jwt/jwt/v4 v4.5.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect @@ -122,11 +123,3 @@ require ( gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) - -// replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230828134416-f0db33dd9344 - -replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230913144425-ca6394308b7d - -// replace github.com/jfrog/gofrog => github.com/jfrog/gofrog v1.2.6-0.20230418122323-2bf299dd6d27 - -replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20230913143831-14d189a3280f diff --git a/go.sum b/go.sum index 4be623d0c..17a8d480f 100644 --- a/go.sum +++ b/go.sum 
@@ -103,10 +103,10 @@ github.com/cpuguy83/dockercfg v0.3.1/go.mod h1:sugsbF4//dDlL/i+S+rtpIWp+5h0BHJHf github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= -github.com/cyphar/filepath-securejoin v0.2.3 h1:YX6ebbZCZP7VkM3scTTokDgBL2TY741X51MTk3ycuNI= github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= +github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= +github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 
@@ -124,7 +124,7 @@ github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDD github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 h1:iFaUwBSo5Svw6L7HYpRu/0lE3e0BaElwnNO1qkNQxBY= github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5/go.mod h1:qssHWj60/X5sZFNxpG4HBPDHVqxNm4DfnCKgrbZOT+s= github.com/dsnet/golib v0.0.0-20171103203638-1ea166775780/go.mod h1:Lj+Z9rebOhdfkVLjJ8T6VcRQv3SXugXy999NBtR9aFY= -github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 h1:RIB4cRk+lBqKK3Oy0r2gRX4ui7tuhiZq2SuTtTCi0/0= +github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a h1:mATvB/9r/3gvcejNsXKSkQ6lcIaNec2nyfOdlTBR2lU= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= 
@@ -142,11 +142,11 @@ github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbS github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= -github.com/go-git/go-billy/v5 v5.4.1 h1:Uwp5tDRkPr+l/TnbHOQzp+tmJfLceOlbVucgpTz8ix4= -github.com/go-git/go-billy/v5 v5.4.1/go.mod h1:vjbugF6Fz7JIflbVpl1hJsGjSHNltrSw45YK/ukIvQg= +github.com/go-git/go-billy/v5 v5.5.0 h1:yEY4yhzCDuMGSv83oGxiBotRzhwhNr8VZyphhiu+mTU= +github.com/go-git/go-billy/v5 v5.5.0/go.mod h1:hmexnoNsr2SJU1Ju67OaNz5ASJY3+sHgFRpCtpDCKow= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20230305113008-0c11038e723f h1:Pz0DHeFij3XFhoBRGUDPzSJ+w2UcK5/0JvF8DRI58r8= -github.com/go-git/go-git/v5 v5.8.1 h1:Zo79E4p7TRk0xoRgMq0RShiTHGKcKI4+DI6BfJc/Q+A= -github.com/go-git/go-git/v5 v5.8.1/go.mod h1:FHFuoD6yGz5OSKEBK+aWN9Oah0q54Jxl0abmj6GnqAo= +github.com/go-git/go-git/v5 v5.9.0 h1:cD9SFA7sHVRdJ7AYck1ZaAa/yeuBvGPxwXDL8cxrObY= +github.com/go-git/go-git/v5 v5.9.0/go.mod h1:RKIqga24sWdMGZF+1Ekv9kylsDz6LzdTSI2s/OsZWE0= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= 
@@ -239,10 +239,10 @@ github.com/jfrog/build-info-go v1.9.10 h1:uXnDLVxpqxoAMpXcki00QaBB+M2BoGMMpHODPk github.com/jfrog/build-info-go v1.9.10/go.mod h1:ujJ8XQZMdT2tMkLSMJNyDd1pCY+duwHdjV+9or9FLIg= github.com/jfrog/gofrog v1.3.0 h1:o4zgsBZE4QyDbz2M7D4K6fXPTBJht+8lE87mS9bw7Gk= github.com/jfrog/gofrog v1.3.0/go.mod h1:IFMc+V/yf7rA5WZ74CSbXe+Lgf0iApEQLxRZVzKRUR0= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230913144425-ca6394308b7d h1:yHq8gNEGJGL/U/GOnIUF/QFLUyQASAez9sh33Gp+Nr4= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230913144425-ca6394308b7d/go.mod h1:o6vmV/IaU/bdjijuIXkllUuQ/SZ7r8PV8fai8+Vu8J4= -github.com/jfrog/jfrog-client-go v1.28.1-0.20230913143831-14d189a3280f h1:QQdwpeVtcbp4prinH2eU7aR76EZVQmA2vvdQPKq5tsg= -github.com/jfrog/jfrog-client-go v1.28.1-0.20230913143831-14d189a3280f/go.mod h1:362+oa7uTTYurzBs1L0dmUTlLo7uhpAU/pwM5Zb9clg= +github.com/jfrog/jfrog-cli-core/v2 v2.43.0 h1:euo1CjZcpMdWkFUQ3zffRPfCR1zXhLD6TE/lfexV99o= +github.com/jfrog/jfrog-cli-core/v2 v2.43.0/go.mod h1:NWqT0ZnAvEdjaXGp64POvRV35TJ2R/c0W45UmrXQonk= +github.com/jfrog/jfrog-client-go v1.32.2 h1:t0ceWCtFri+xsa0D2ESqD/itcovlxBXCky1A1MJ4P2I= +github.com/jfrog/jfrog-client-go v1.32.2/go.mod h1:UewnwkIf/77HzBgwCPzOHZCK6V/Nw5/JwdzN/tRb4aU= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jszwec/csvutil v1.8.0 h1:G7vS2LGdpZZDH1HmHeNbxOaJ/ZnJlpwGFvOkTkJzzNk= 
@@ -267,7 +267,6 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA= @@ -305,9 +304,9 @@ github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3 github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nwaples/rardecode v1.1.0 h1:vSxaY8vQhOcVr4mm5e8XllHWTiM4JF507A0Katqw7MQ= github.com/nwaples/rardecode v1.1.0/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0= +github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc4 h1:oOxKUJWnFC4YGHCCMNql1x4YaDfYBTS5Y4x/Cgeo1E0= 
@@ -340,7 +339,7 @@ github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJ github.com/rivo/uniseg v0.4.3 h1:utMvzDsuh3suAEnhH0RdHmoPbU648o6CvXxTx4SBMOw= github.com/rivo/uniseg v0.4.3/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= @@ -783,7 +782,6 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= From b10022d62ce23f99afb3020170a3a5053a0fb02d Mon Sep 17 00:00:00 2001 
From: Eyal Delarea Date: Wed, 13 Sep 2023 18:48:10 +0300 Subject: [PATCH 6/6] Promoted version to v2.47.0 (#2206) --- .github/workflows/frogbot-scan-pull-request.yml | 4 +++- .github/workflows/frogbot-scan-repository.yml | 1 + build/npm/v2-jf/package-lock.json | 2 +- build/npm/v2-jf/package.json | 2 +- build/npm/v2/package-lock.json | 2 +- build/npm/v2/package.json | 2 +- utils/cliutils/cli_consts.go | 2 +- 7 files changed, 9 insertions(+), 6 deletions(-) diff --git a/.github/workflows/frogbot-scan-pull-request.yml b/.github/workflows/frogbot-scan-pull-request.yml index 998c8c91f..740419027 100644 --- a/.github/workflows/frogbot-scan-pull-request.yml +++ b/.github/workflows/frogbot-scan-pull-request.yml @@ -15,6 +15,7 @@ jobs: - uses: jfrog/frogbot@v2 env: JFROG_CLI_LOG_LEVEL: "DEBUG" + # [Mandatory] # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray) JF_URL: ${{ secrets.FROGBOT_URL }} @@ -116,4 +117,5 @@ jobs: # [Optional] # Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests # The following values are accepted: Low, Medium, High or Critical - # JF_MIN_SEVERITY: "" \ No newline at end of file + # JF_MIN_SEVERITY: "" + diff --git a/.github/workflows/frogbot-scan-repository.yml b/.github/workflows/frogbot-scan-repository.yml index b80238da9..12e117be8 100644 --- a/.github/workflows/frogbot-scan-repository.yml +++ b/.github/workflows/frogbot-scan-repository.yml @@ -20,6 +20,7 @@ jobs: - uses: jfrog/frogbot@v2 env: JFROG_CLI_LOG_LEVEL: "DEBUG" + # [Mandatory] # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray) JF_URL: ${{ secrets.FROGBOT_URL }} diff --git a/build/npm/v2-jf/package-lock.json b/build/npm/v2-jf/package-lock.json index 75b78f3f4..b73e73247 100644 --- a/build/npm/v2-jf/package-lock.json +++ b/build/npm/v2-jf/package-lock.json @@ -1,5 +1,5 @@ { "name": "jfrog-cli-v2-jf", - "version": "2.46.3", + "version": "2.47.0", "lockfileVersion": 1 } 
diff --git a/build/npm/v2-jf/package.json b/build/npm/v2-jf/package.json index d8e22f930..c9f4846ef 100644 --- a/build/npm/v2-jf/package.json +++ b/build/npm/v2-jf/package.json @@ -1,6 +1,6 @@ { "name": "jfrog-cli-v2-jf", - "version": "2.46.3", + "version": "2.47.0", "description": "🐸 Command-line interface for JFrog Artifactory, Xray, Distribution, Pipelines and Mission Control 🐸", "homepage": "https://github.com/jfrog/jfrog-cli", "preferGlobal": true, diff --git a/build/npm/v2/package-lock.json b/build/npm/v2/package-lock.json index 7128c0b7d..7731f7de6 100644 --- a/build/npm/v2/package-lock.json +++ b/build/npm/v2/package-lock.json @@ -1,5 +1,5 @@ { "name": "jfrog-cli-v2", - "version": "2.46.3", + "version": "2.47.0", "lockfileVersion": 1 } diff --git a/build/npm/v2/package.json b/build/npm/v2/package.json index 4fde475a8..1824a549b 100644 --- a/build/npm/v2/package.json +++ b/build/npm/v2/package.json @@ -1,6 +1,6 @@ { "name": "jfrog-cli-v2", - "version": "2.46.3", + "version": "2.47.0", "description": "🐸 Command-line interface for JFrog Artifactory, Xray, Distribution, Pipelines and Mission Control 🐸", "homepage": "https://github.com/jfrog/jfrog-cli", "preferGlobal": true, diff --git a/utils/cliutils/cli_consts.go b/utils/cliutils/cli_consts.go index 95ceaaa4c..931cbe6a5 100644 --- a/utils/cliutils/cli_consts.go +++ b/utils/cliutils/cli_consts.go @@ -4,7 +4,7 @@ import "time" const ( // General CLI constants - CliVersion = "2.46.3" + CliVersion = "2.47.0" ClientAgent = "jfrog-cli-go" // CLI base commands constants: