goreleaser-action

mirror of https://github.com/goreleaser/goreleaser-action synced 2026-06-30 02:07:30 +00:00

Author	SHA1	Message	Date
Carlos Alexandro Becker	4b462d3d1d	feat: verify release checksum and cosign signature (#550 ) * feat: verify release checksum and cosign signature Download checksums.txt for the release and verify the SHA-256 of the downloaded archive against it. When cosign is available in PATH, also download checksums.txt.sigstore.json and verify the signature against the goreleaser/goreleaser-pro release workflow identity. Both steps degrade gracefully (with a warning) when the corresponding artifacts or tooling are missing. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * test: use install() for checksum e2e tests Drop the http-client download helper from verifyChecksum integration tests; call goreleaser.install() instead so the test exercises the public API path and avoids duplicating download logic. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>	2026-04-18 14:34:46 -03:00
Carlos Alexandro Becker	18bbabc70c	feat!: use "~> v2" as default (#463 ) * feat!: use "~> v2" as default Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> * fix: more changes Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> * gen Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> * docs: update * docs: update --------- Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>	2024-06-04 21:50:33 -03:00
Carlos Alexandro Becker	f1dbd532c3	feat: lock this major version of the action to use '~> v1' as 'latest' (#461 ) * feat: warn about using 'latest' * feat: use "~> v1" as latest Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> * feat: default to "~> v1" instead of "latest" Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> --------- Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>	2024-05-10 13:30:10 -03:00
CrazyMax	f82d6c1c34	fix: don't depend on the GitHub API to check release (#391 ) * fix: don't depend on the GitHub API to check release * chore: update generated content --------- Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-01-30 14:11:41 +01:00
Carlos Alexandro Becker	9754a253a8	fix: use @action/github (#390 ) * fix: use @action/github Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com> Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> * Update README.md Co-authored-by: CrazyMax <github@crazymax.dev> * Update action.yml Co-authored-by: CrazyMax <github@crazymax.dev> --------- Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com> Co-authored-by: CrazyMax <github@crazymax.dev>	2023-01-27 23:22:07 -03:00
CrazyMax	c25888f15f	chore: update dev dependencies and workflow (#342 ) Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com>	2022-04-25 05:17:05 +02:00
CrazyMax	39419c3fac	refactor: setup context (#325 ) Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com>	2022-02-27 17:22:06 +01:00

7 Commits