Bump mszostok/codeowners-validator from v0.5.1 to v0.6.0

[dependabot]

Bumps mszostok/codeowners-validator from v0.5.1 to v0.6.0.

Release notes

Sourced from mszostok/codeowners-validator's releases.

v0.6.0

🚨GitHub Codeowners Validator 0.6.0 is now available!

Highlights

• ✨ Add validation for checking if team has a proper permission Due to the new permission validation step in Owners Checker, this check takes a little more time.

• 🐛 Fix bug in Owners Checker. Now Owners Checker supports child teams with inherited repo perms.

• ⚠️ Error message was changed in Owners Checker. From [err] line 15: Team "avengers" does not have permissions associated with the repository "codeowners-samples". To [err] line 15: Team "avengers" does not exist in organization "gh-codeowners" or has no permissions associated with the repository.

Installation

To install the codeowners-validator, run:

# Install codeowners-validator in /usr/local/bin in version 0.6.0
curl -sfL https://raw.githubusercontent.com/mszostok/codeowners-validator/master/install.sh| sh -s -- -b /usr/local/bin v0.6.0

See the Installation section for more installation options.

Docker images

• docker pull mszostok/codeowners-validator:latest
• docker pull mszostok/codeowners-validator:v0.6.0
• docker pull mszostok/codeowners-validator:v0.6

Changelog 🚀

8fafb0b Adjust docs and GitHub action for v0.6.0 release 2f6e3bb Fix badly worded error (#64) 5ed7b98 Adjust integration test after changing error message 204640e address comments from PR #62 9224144 Add permissions check to valid_owner cde24ed Add a twitter badge e5e11b0 rename test to comply with golang.org/x/mod/module.CheckFilePath (#60)

Contributors

Thanks again to everyone who contributed to this release! ✨

Users whose commits are in this release:

• @mszostok
• @jspiro

... (truncated)

Changelog

Sourced from mszostok/codeowners-validator's changelog.

builds:

• env:
  • CGO_ENABLED=0 hooks:

    Install upx first, https://github.com/upx/upx/releases

    post: ./hack/compress.sh goos:
  • linux
  • darwin
  • windows goarch:
  • amd64
  • 386 ldflags:
    • -s -w -X github.com/mszostok/codeowners-validator/pkg/version.version={{.Version}} -X github.com/mszostok/codeowners-validator/pkg/version.commit={{.ShortCommit}} -X github.com/mszostok/codeowners-validator/pkg/version.buildDate={{.Date}}

  List of combinations of GOOS + GOARCH + GOARM to ignore.

  Default is empty.

  ignore:
  • goos: darwin goarch: 386 archive: replacements: darwin: Darwin linux: Linux windows: Windows 386: i386 amd64: x86_64 format_overrides:
  • goos: windows format: zip checksum: name_template: 'checksums.txt' snapshot: name_template: "{{ .Tag }}-next" changelog: sort: asc filters: exclude:
  • '^docs:'
  • '^test:'

dockers:

• dockerfile: Dockerfile binaries:
  • codeowners-validator image_templates:
  • "mszostok/codeowners-validator:latest"
  • "mszostok/codeowners-validator:{{ .Tag }}"
  • "mszostok/codeowners-validator:v{{ .Major }}.{{ .Minor }}"

Commits

• 2f6e3bb Fix badly worded error (#64)
• 8fafb0b Adjust docs and GitHub action for v0.6.0 release
• 5ed7b98 Adjust integration test after changing error message
• 204640e address comments from PR #62
• 9224144 Add permissions check to valid_owner
• cde24ed Add a twitter badge
• e5e11b0 rename test to comply with golang.org/x/mod/module.CheckFilePath (#60)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Merging #514 (efc7310) into master (55eb162) will not change coverage.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master    #514   +/-   ##
======================================
  Coverage    71.9%   71.9%           
======================================
  Files          58      58           
  Lines        3418    3418           
  Branches      647     647           
======================================
  Hits         2458    2458           
  Misses        826     826           
  Partials      134     134           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 55eb162...efc7310. Read the comment docs.

[s-weigand]

Hmmm, I did some digging and it might be a problem with the token itself, does the token have read:org scope?

Background:
Before the changes this action was calling the API endpoint Repositories.ListTeams.
And after it calls Teams.ListTeams and Teams.IsTeamRepoBySlug, where Teams.ListTeams requires read:org scope.

If the token has read:org scope we might need to file an issue at mszostok/codeowners-validator.

[jsnel]

I added read:org to the token (it only had public:org)
@dependabot rebase

[dependabot]

Looks like this PR is already up-to-date with master! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[jsnel]

The master branch was updated, please
@dependabot recreate

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information

[jsnel]

ok