Releases: stacklet/sinistral-cli

v0.5.36: chore: Add release notes for 0.5.35 and 0.5.36 (ENG-7840) (#78)

@github-actions github-actions released this 15 Jun 20:41
Immutable release. Only release title and notes can be modified.
8552c68
[ENG-7840](https://stacklet.atlassian.net/browse/ENG-7840)

What
----

- Add release note sections for 0.5.35 (got skipped) and 0.5.36
  (pending)
- Document the CVE dependency upgrades (0.5.35) and the c7n/c7n-left
  upgrades (0.5.36)
- Add a generalized supply-chain hardening note for customers
- Omit internal-only changes that are not user-facing

Why
---

- The NEWS file was missing sections for the 0.5.35 and 0.5.36 releases

Testing
-------

N/A (documentation only)

Docs
----

`NEWS.md` updated



v0.5.35: chore: updates to dependencies for CVE fixes + zizmor fixes (#73)

@github-actions github-actions released this 15 Jun 20:12
Immutable release. Only release title and notes can be modified.
11eed05
### what

- Upgraded all dependencies via `uv lock --upgrade` to pull in
  CVE fixes
- Removed `requirements.txt` and its generation hook from
  `.pre-commit-config.yaml` now that Dependabot parses `uv.lock`
  natively
- Added `zizmor` to `.pre-commit-config.yaml` as a pre-commit hook
- Fixed all `zizmor` findings in CI/release workflows:
  - Added `persist-credentials: false` to all `actions/checkout`
    steps (artipacked)
  - Added explicit `permissions: contents: read` at workflow and
    job level where missing (excessive-permissions)
  - Replaced `${{ github.ref_name }}` inline in a `run:` block
    with an `env` variable to prevent template injection
    (template-injection)

### why

CVE fixes in transitive dependencies. Dependabot now supports
`uv.lock` directly, making the generated `requirements.txt`
redundant. `zizmor` is added to pre-commit to catch GitHub Actions
security issues early. The workflow fixes address the security
findings `zizmor` surfaced.

### testing

`zizmor .` reports no findings. Pre-commit hooks pass.

### docs

No documentation changes required.

---------------------------

🤖 Generated with [Claude Code](https://claude.com/claude-code)

---------

Co-authored-by: Tim Van Steenburgh <tvansteenburgh@gmail.com>
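
The three workflow findings named in the v0.5.35 notes (artipacked, excessive-permissions, template-injection), shown as an added example on a constructed workflow. This is not the project's own CI file; the workflow name, trigger, job and step names are assumptions.

```yaml
# Constructed workflow for illustration; not taken from stacklet/sinistral-cli.
name: release-example
on:
  push:
    tags: ["v*"]

# BEFORE (the patterns the three findings describe):
#   - no `permissions:` block, so GITHUB_TOKEN takes the repository's
#     default scopes, which may be broader than the job needs
#   - `actions/checkout` without `persist-credentials: false`, so the
#     checkout token stays configured for git on the runner for later steps
#   - run: echo "Releasing ${{ github.ref_name }}"
#     the expression is expanded into the script text before the shell
#     starts, so the ref name is parsed as shell code rather than as data

# AFTER:
permissions:
  contents: read                # excessive-permissions: workflow-level default

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read            # excessive-permissions: explicit at job level
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false    # artipacked
      - name: Announce release
        env:
          # template-injection: the value reaches the shell as an
          # environment variable and is never spliced into the script
          REF_NAME: ${{ github.ref_name }}
        run: |
          echo "Releasing ${REF_NAME}"
```

Quoting the variable in the `run:` block matters as well: `"${REF_NAME}"` keeps a ref name with spaces or glob characters as a single argument.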

Updated for c7n-left 0.3.35

@albertodonato albertodonato released this 13 Feb 14:52
1b5bfa7

Release for upgrades to c7n-left 0.3.35 (c7n 0.9.49)

v0.5.33: chore: upgrade to c7n 0.9.47 (#64)

@github-actions github-actions released this 13 Feb 14:34
b344a02
[ENG-5821](https://stacklet.atlassian.net/browse/ENG-5821)

### what

Upgrade to c7n 0.9.47

### why

Forward.  Always.

### testing

- [x] Unit tests

### docs

N/A



v0.5.32: chore: update codecov-cli version (#61)

@github-actions github-actions released this 26 Aug 13:28
696bf53
### what

Update codecov-cli version

### why

This fixes a security vulnerability in one of its dependencies (by
removing the dependency).

### testing

Unit tests

### docs

N/A

v0.5.30

@github-actions github-actions released this 15 May 16:51
e23c9b2

What's Changed

  • chore: cleanup dependency version for c7n-left drop == by @albertodonato in #53
  • fix: add global debug flag to suppress traceback unless -d/--debug specified (ENG-3817) by @goodwillstack in #54
  • chore: update c7n to 0.9.43 (ENG-4616) by @howbazaar in #55
  • chore: update tools and their versions (ENG-5091) by @howbazaar in #57
  • chore: update c7n to 0.9.44, prep release 0.5.30 (ENG-5015) by @ajkerrigan in #56

Full Changelog: v0.5.0...v0.5.30

v0.5.0

@github-actions github-actions released this 03 Dec 23:11
b8cade4

What's Changed

  • chore: pull in c7n-left 0.3.28, increment version by @ajkerrigan in #52

Full Changelog: v0.4.0...v0.5.0

v0.4.0

@github-actions github-actions released this 30 Oct 16:29
da93b44

What's Changed

Full Changelog: v0.3.0...v0.4.0

v0.3.0

@github-actions github-actions released this 30 Sep 21:33
96b028e

What's Changed

  • fix: move global options to cli only (ENG-3700) by @albertodonato in #45
  • fix: Add error handling for lack of metadata by @sontek in #46
  • chore: update versions of c7n-left and increment sinistral-cli version by @kapilt in #47
  • chore: update to latest sigstore action by @tvansteenburgh in #48

Full Changelog: v0.2.7...v0.3.0

v0.2.7

@thisisshi thisisshi released this 13 Aug 16:01
316f980

What's Changed

  • fix: fix project name param for run command by @johnsca in #38
  • fix: case-sensitive severity by @tvansteenburgh in #39
  • feat: support critical severity (ENG-2663) by @johnsca in #40
  • feat: add support for is_default flag on policy collections (ENG-2684) by @johnsca in #34
  • feat: release sinistral cli on tag/release by @thisisshi in #41
  • chore: update dependencies (ENG-3373) by @albertodonato in #42
  • chore: update to latest c7n-left (ENG-3431) by @fwereade in #43
  • fix: explicit pin of upstream c7n-left version by @johnsca in #44

Full Changelog: v0.2.6...v0.2.7