v0.36.0

Changelog

• df0b7b1 Adding data flag to conftest push (#749)
• f6d9e05 Detect Quay.io OCI registry in downloader (#747)
• f5980ad build(deps): bump alpine from 3.16.2 to 3.16.3 (#753)
• cbe257c build(deps): bump github.com/open-policy-agent/opa from 0.45.0 to 0.46.1 (#751)
• eb7ef1a ci: [draft/test] fix runtime to 3.8 as it's default in focal (#755)
• f18b7bb fix: preserve metadata annotations on OCI registry push (#750)

v0.35.0

Changelog

• 8ba562b Bump Go to v1.18.5 (#735)
• f13022c Bump x/net and opa to patch CVEs (#743)
• 733e102 Merge pull request #744 from open-policy-agent/dependabot/go_modules/github.com/open-policy-agent/opa-0.45.0
• 6771fdf build(deps): bump alpine from 3.16.1 to 3.16.2 (#736)
• 108edfe build(deps): bump github.com/open-policy-agent/opa from 0.43.0 to 0.44.0 (#739)
• 3532e7f build(deps): bump github.com/open-policy-agent/opa from 0.44.0 to 0.45.0
• 92735d0 workflow: update set-output usage (#745)

v0.34.0

New Features

• Add parse_config and parse_config_file Rego functions to allow unit testing using config file snippets. Find out how to use these at https://www.conftest.dev/#writing-unit-tests.

Changelog

• 6c782e8 Add parse_config and parse_config_file builtins (#726)
• 0f2537f Bump alpine from 3.16.0 to 3.16.1 (#727)
• b671542 Bump golang from 1.18.3-alpine to 1.18.4-alpine (#724)
• 25abb63 Use pkg.go.dev for constants reference (#728)
• 3aada8c build(deps): bump github.com/open-policy-agent/opa from 0.42.2 to 0.43.0 (#732)

v0.33.2

Changelog

• f5130af Bump github.com/open-policy-agent/opa from 0.42.1 to 0.42.2 (#723)

v0.33.1

Changelog

• f10341f Add OCI Push and Pull tests to CI (#718)
• aa11f0b Bump github.com/open-policy-agent/opa from 0.42.0 to 0.42.1 (#722)

v0.33.0

Bug Fixes

• Fix 404 error when using conftest push (#721)

Other Improvements

• Bump OPA to v0.42.0
• Bump Go to v1.18.3

Changelog

• 88e6b0e Bump github.com/open-policy-agent/opa from 0.40.0 to 0.41.0 (#713)
• 58cc3d3 Bump github.com/open-policy-agent/opa from 0.41.0 to 0.42.0 (#720)
• 4719e25 Bump golang from 1.18.2-alpine to 1.18.3-alpine (#714)
• 45f37d5 Update golang 1.18.3 (#719)
• a68cd05 bug: Fix 404 error when using the push command (#721)

v0.32.1

ℹ️ This is a security release to patch critical host path traversal and command injection vulnerabilities in the go-getter library ℹ️

More details can be found in the HCSEC-2022-13 HashiCorp Security Advisory.

Changelog

• 197f5db Bump alpine from 3.15.4 to 3.16.0 (#711)
• 8153721 Bump github.com/hashicorp/go-getter from 1.5.10 to 1.5.11 (#708)
• c9816d2 Bump github.com/hashicorp/go-getter to v1.6.1 (#712)
• 0406ed5 Bump golang from 1.18.1-alpine to 1.18.2-alpine (#710)

v0.32.0

New Features

• Support for limiting the test engine's capabilities - thank you @boranx!

Bug Fixes

• conftest push no longer creates different OCI images when run against the same policy set - thanks @macox!

Other improvements

• OPA bump from v0.39.0 to v0.40.0

Changelog

• 30ea309 Bump github.com/open-policy-agent/opa from 0.39.0 to 0.40.0 (#706)
• afd22f1 Update oras-go to v1.1.1 (#702)
• 127ae70 feat: add capabilities feature to conftest (#704)

v0.31.0

⚠️ Potentially Breaking Changes ⚠️

• JUnit output now includes OPA namespace in test name for better grouping #699
• Output for parse command only emits valid JSON #686

New Features

• Support for JSONC files #691. Thank you @greggroth!

Other Improvements

• Bump OPA to v0.39.0
• Bump Golang to v1.18.1
• Builds now include ppc64le archiecture #676 Thank you @seth-priya!

Changelog

• 7d0099b Add OPA version to --version output (#674)
• cadee70 Add parser for JSONC documents (#691)
• ce409db Adding ppc64le support (#676)
• a212330 Bump Go to 1.17.6 in pull_request and release workflows (#665)
• 89ab471 Bump Go version in GHA workflows to 1.18.1 (#703)
• 849914d Bump OPA to 0.39.0
• a934bad Bump alpine from 3.15.0 to 3.15.1 (#688)
• 92ed361 Bump alpine to 3.15.4 for release image
• c1a5ce7 Bump github.com/open-policy-agent/opa from 0.36.0 to 0.36.1 (#664)
• a42245b Bump github.com/open-policy-agent/opa from 0.36.1 to 0.37.0 (#670)
• 92e25c6 Bump github.com/open-policy-agent/opa from 0.37.0 to 0.37.1 (#672)
• e92e38e Bump github.com/open-policy-agent/opa from 0.37.1 to 0.37.2 (#677)
• 8a4cedb Bump github.com/open-policy-agent/opa from 0.37.2 to 0.38.0 (#681)
• a0f7472 Bump github.com/open-policy-agent/opa from 0.38.0 to 0.38.1 (#685)
• e064639 Bump golang from 1.17.5-alpine to 1.17.6-alpine (#663)
• 9785f05 Bump golang from 1.17.6-alpine to 1.17.7-alpine (#678)
• c9c6998 Bump golang from 1.17.7-alpine to 1.17.8-alpine (#683)
• fb8eff6 Bump golang from 1.17.8-alpine to 1.18.1-alpine (#701)
• f978235 Bump mkdocs to 1.3.0
• ede96fb Install latest conftest version (#673)
• a823584 Make runner package public
• cb5b8f1 Only emit valid JSON when using the parse command (#686)
• 63b8058 Refactor JUnit output formatting (#699)
• 18725cf Update Go version in pipelines to 1.17.7 (#679)
• 79b26df Update install.md - Fix install command (#692)

v0.30.1

This is a re-release of v0.30.0 with no code changes

See #700 for more information.