Update Go API bindings to version 0.0.59 and automate future updates#59
Merged
Merged
Conversation
Binding version: 0.0.59 Cloudsmith API version: 1.1288.1 Also ports the tooling/automation from cloudsmith-io/cloudsmith-api#96, adapted for this Go-only, Docker-generated repo: - .mise.toml pins the host toolchain (go, jq) and adds generate / update-bindings tasks. Docker remains a separate prerequisite. - Update API bindings workflow: regenerates and opens a PR on demand (workflow_dispatch) or daily on a schedule, only when the bindings actually change, closing any superseded automated PRs first. - zizmor Security workflow + pre-commit hook. - Hardened go.yml (hash-pinned actions, persist-credentials: false, explicit permissions, mise-managed toolchain). - bin/generate: gsed->sed shim and case-insensitive CONTRIBUTING guard so the daily build works on Linux runners. - Documented the mise + Docker workflow in CONTRIBUTING. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation. |
BartoszBlizniak
approved these changes
Jul 15, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updates the generated Go bindings to the latest CloudSmith API and ports the tooling/automation from cloudsmith-io/cloudsmith-api#96, adapted for this Go-only, Docker-generated repo.
Bindings
0.0.59(previously0.0.58)1.1288.1Tooling & automation
.mise.tomlpins the host tools (go,jq) so local dev and CI share the same setup. Docker (openapi-generator) remains a separate prerequisite on purpose.Update API bindingsGitHub Actions workflow — regenerates the bindings and opens a PR on demand (workflow_dispatch, optionally with a specific version) or daily on a schedule. It opens a PR only when the regenerated bindings actually change, and closes any superseded automated PRs first.Securityworkflow (.github/workflows/zizmor.yml) using the officialzizmorcore/zizmor-action. Workflows are hardened against zizmor findings:workflow_dispatchinputs and step outputs pass throughenvrather than being interpolated intorunblocks,persist-credentials: falseon checkout, minimalpermissions, and all actions hash-pinned.go.yml— hash-pinned actions,persist-credentials: false, explicitpermissions, and mise-managed toolchain.bin/generate— added agsed→sedshim and a case-insensitiveCONTRIBUTINGguard so the daily build runs correctly on Linux CI runners.CONTRIBUTING.md.Notes
1.1230.1).lint.ymlfrom the source PR was intentionally omitted — this repo has no Python.🤖 Generated with Claude Code