Releases · gitpod-io/leeway

15 Dec 13:10

github-actions

v0.16.0

9bbfce1

v0.16.0 Latest

Latest

What's Changed

fix: correct build summary counts for packages built after verification failure by @leodido in #295
feat: add OpenTelemetry tracing with build and package spans by @corneliusludmann in #288
fix: OCI extraction and SBOM export mode detection by @leodido in #296
fix: skip vulnerability scanning for packages that failed to build by @leodido in #299
feat: optimize S3 cache performance with batch operations and increased workers by @leodido in #278
feat: implement dependency-aware download scheduling by @leodido in #279
fix(yarn): add --frozen-lockfile to default install command by @leodido in #301
docs: add security note about ignore-scripts for yarn packages by @leodido in #302
fix: validate dependencies after download to prevent cache inconsistency by @leodido in #300
fix(yarn): patch yarn.lock for link: dependencies and fix extraction path by @leodido in #303
Fix typos in comments, docs, and tests by @leodido in #304
fix!: correct typo in vet check name by @leodido in #305
fix(cache): require dependencies in local cache for cached packages by @leodido in #306
perf(cache): return detailed download results for smarter cache decisions by @leodido in #307
perf(cache): add environment variables for S3 cache tuning by @leodido in #308
fix: make GetTransitiveDependencies return deterministic order by @leodido in #309
fix: add --sort=name to tar command for deterministic archives by @leodido in #310
feat: store SBOM files outside tar.gz artifacts by @leodido in #311
fix: add -trimpath to default Go build command by @leodido in #312
fix: skip packages without SBOM during vulnerability scanning by @leodido in #313
fix: resolve builtin variables in PackageInternal (prep, env) by @leodido in #314
fix: upload (external) SBOM files alongside artifacts by @leodido in #315

Full Changelog: v0.15.0...v0.16.0

Contributors

leodido and corneliusludmann

Assets 7

13 Dec 16:11

github-actions

v0.16.0-rc13

7b5ffb0

v0.16.0-rc13 Pre-release

Pre-release

Changelog

7e41168 fix: upload SBOM files even when artifact already exists
5e90928 fix: upload SBOM files in sign-cache command
7b5ffb0 refactor: consolidate SBOM extension constants in cache package

Assets 7

12 Dec 14:45

github-actions

v0.16.0-rc9

eb5e08c

v0.16.0-rc9 Pre-release

Pre-release

Changelog

740a63f feat: store SBOM files outside tar.gz artifacts
fcdb2ec fix!: correct typo in vet check name
28c3ea6 fix(cache): require dependencies in local cache for cached packages
1aa988a fix: add --sort=name to tar command for deterministic archives
eb5e08c fix: add -trimpath to default Go build command for reproducible builds
0e85232 fix: correct typos in comments and documentation
a81e7da fix: correct typos in filename and error message
098444f fix: correct typos in test case names
f8679f7 fix: make GetTransitiveDependencies return deterministic order
992b32f perf(cache): add environment variables for S3 cache tuning
32d3e47 perf(cache): return detailed download results for smarter cache decisions
96bae24 test(cache): use Go packages in integration test for transitive deps

Assets 7

12 Dec 19:32

github-actions

v0.16.0-rc12

c53da73

v0.16.0-rc12 Pre-release

Pre-release

Changelog

c53da73 fix: resolve builtin variables in PackageInternal (prep, env)
d4094a2 fix: skip SBOM scan for downloaded packages without SBOM

Assets 7

12 Dec 16:54

github-actions

v0.16.0-rc11

c5de41a

v0.16.0-rc11 Pre-release

Pre-release

Changelog

c5de41a fix: resolve builtin variables in PackageInternal (prep, env)

Assets 7

12 Dec 15:40

github-actions

v0.16.0-rc10

b5e3cbf

v0.16.0-rc10 Pre-release

Pre-release

Changelog

b5e3cbf fix: skip SBOM scan for downloaded packages without SBOM

Assets 7

11 Dec 23:15

github-actions

v0.16.0-rc8

3eb1928

v0.16.0-rc8 Pre-release

Pre-release

Changelog

3eb1928 perf(cache): add environment variables for S3 cache tuning

Assets 7

11 Dec 12:51

github-actions

v0.16.0-rc7

11e76f6

v0.16.0-rc7 Pre-release

Pre-release

Changelog

fcdb2ec fix!: correct typo in vet check name
80b4e7a fix(cache): require dependencies in local cache for cached packages
0e85232 fix: correct typos in comments and documentation
a81e7da fix: correct typos in filename and error message
098444f fix: correct typos in test case names
11e76f6 perf(cache): return detailed download results for smarter cache decisions
cbd588d test(cache): use Go packages in integration test for transitive deps

Assets 7

05 Dec 12:32

github-actions

v0.16.0-rc6

cb9e4f0

v0.16.0-rc6 Pre-release

Pre-release

Changelog

0cc793e fix "yarn install" invocation: --frozenlockfile -> --frozen-lockfile
3bf13c6 fix(yarn): add --frozen-lockfile to default install command
cb9e4f0 fix(yarn): handle scoped packages in link dependency extraction
f82d2ed fix(yarn): patch yarn.lock for link: dependencies and fix extraction path
a19656c fix: validate dependencies after download to prevent cache inconsistency
f552c5c test(s3): reduce flaky threshold for batch optimization test
aa9a7a5 test(yarn): add tests for link dependency patching
8b9566a test(yarn): add tests for scoped package extraction

Assets 7

04 Dec 20:16

github-actions

v0.16.0-rc5

8f0e3d2

v0.16.0-rc5 Pre-release

Pre-release

Changelog

0cc793e fix "yarn install" invocation: --frozenlockfile -> --frozen-lockfile
3bf13c6 fix(yarn): add --frozen-lockfile to default install command
8cb1ccf fix(yarn): patch yarn.lock for link: dependencies and fix extraction path
8f0e3d2 test(s3): reduce flaky threshold for batch optimization test

Assets 7

Releases: gitpod-io/leeway

v0.16.0

What's Changed

Contributors

Uh oh!

v0.16.0-rc13

Changelog

Uh oh!

v0.16.0-rc9

Changelog

Uh oh!

v0.16.0-rc12

Changelog

Uh oh!

v0.16.0-rc11

Changelog

Uh oh!

v0.16.0-rc10

Changelog

Uh oh!

v0.16.0-rc8

Changelog

Uh oh!

v0.16.0-rc7

Changelog

Uh oh!

v0.16.0-rc6

Changelog

Uh oh!

v0.16.0-rc5

Changelog

Uh oh!