Update dependency github-cli to v2.64.0

[ssbarnea]

This PR contains the following updates:

Package	Update	Change
github-cli	minor	2.55.0 -> 2.64.0

---

Release Notes

cli/cli (github-cli)

v2.64.0: GitHub CLI 2.64.0

Compare Source

What's Changed

• docs: improve docs for browse command as of #​5352 by @​ankddev in https://github.com/cli/cli/pull/10025
• Open PR against gh-merge-base by @​heaths in https://github.com/cli/cli/pull/9712
• Add integration tests for gh attestation verify when the bundle-from-oci flag is specified by @​malancas in https://github.com/cli/cli/pull/10020
• gh repo rename help text clarifies new repo name should not include owner by @​BagToad in https://github.com/cli/cli/pull/10044
• fix: list branches in square brackets in gh run and gh codespace by @​uday-rana in https://github.com/cli/cli/pull/10043
• Bump actions/attest-build-provenance from 1.4.4 to 2.1.0 by @​dependabot in https://github.com/cli/cli/pull/10056
• Bump golang.org/x/crypto from 0.29.0 to 0.31.0 by @​dependabot in https://github.com/cli/cli/pull/10070
• Improve documentation and error messaging for local extension installations without executables by @​BagToad in https://github.com/cli/cli/pull/9933
• docs: better document auth scopes by @​ankddev in https://github.com/cli/cli/pull/10026
• Sigstore verifier logic updates by @​malancas in https://github.com/cli/cli/pull/9999
• gh pr merge --delete-branch exits with error when merge requested via merge queue by @​BagToad in https://github.com/cli/cli/pull/10074
• sundry gh at inspect improvements by @​phillmv in https://github.com/cli/cli/pull/9954
• Support pr view for intra-org forks by @​williammartin in https://github.com/cli/cli/pull/10078
• Print policy information before verifying attestations by @​malancas in https://github.com/cli/cli/pull/9891
• Improve error handling in apt setup script by @​jobegrabber in https://github.com/cli/cli/pull/10055
• Use Windows compatible file name for downloaded attestations when running gh attestation download by @​malancas in https://github.com/cli/cli/pull/10051
• Bump github.com/cpuguy83/go-md2man/v2 from 2.0.5 to 2.0.6 by @​dependabot in https://github.com/cli/cli/pull/10094
• Perform all gh attestation verify policy options configuration in the newEnforcementCriteria() function by @​malancas in https://github.com/cli/cli/pull/10012

New Contributors

• @​ankddev made their first contribution in https://github.com/cli/cli/pull/10025
• @​uday-rana made their first contribution in https://github.com/cli/cli/pull/10043
• @​jobegrabber made their first contribution in https://github.com/cli/cli/pull/10055

Full Changelog: cli/cli@v2.63.2...v2.64.0

v2.63.2: GitHub CLI 2.63.2

Compare Source

What's Changed

• Use consistent slice ordering in run download tests by @​williammartin in https://github.com/cli/cli/pull/10006
• Fix bug when fetching bundles from OCI registry by @​malancas in https://github.com/cli/cli/pull/10019
• Use safepaths for run download by @​williammartin in https://github.com/cli/cli/pull/10009
• Error for mutually exclusive json and watch flags by @​andyfeller in https://github.com/cli/cli/pull/10016

Full Changelog: cli/cli@v2.63.1...v2.63.2

v2.63.1: GitHub CLI 2.63.1

Compare Source

What's Changed

• Fix formatting in git/client_test.go comments for linter by @​BagToad in https://github.com/cli/cli/pull/9969
• Bump github.com/gabriel-vasile/mimetype from 1.4.6 to 1.4.7 by @​dependabot in https://github.com/cli/cli/pull/9942
• Clarify which commands correspond to which DNF version under Linux install instructions by @​BagToad in https://github.com/cli/cli/pull/9976
• When renaming an existing remote as part of remote creation in gh repo fork, log the change by @​timrogers in https://github.com/cli/cli/pull/9983
• Fix PR checkout panic when base repo is not in remotes by @​williammartin in https://github.com/cli/cli/pull/9992

Security

• A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download.

  For more information, see GHSA-2m9h-r57g-45pj

Full Changelog: cli/cli@v2.63.0...v2.63.1

v2.63.0: GitHub CLI 2.63.0

Compare Source

What's Changed

• Support bare repo creation by @​williammartin in https://github.com/cli/cli/pull/9905
• Refactor the getAttestations functions by @​malancas in https://github.com/cli/cli/pull/9892
• Added a section on manual verification of the relases. by @​kommendorkapten in https://github.com/cli/cli/pull/9936
• Adding option to return baseRefOid in pr view by @​daliusd in https://github.com/cli/cli/pull/9938
• Update verification results printing by @​malancas in https://github.com/cli/cli/pull/9937
• Fix some multiline command documentation to use heredoc strings by @​BagToad in https://github.com/cli/cli/pull/9948
• Print friendly error when release create fails due to missing workflow OAuth scope by @​BagToad in https://github.com/cli/cli/pull/9791

Full Changelog: cli/cli@v2.62.0...v2.63.0

Security

• A security vulnerability has been identified in the GitHub CLI that could leak authentication tokens when cloning repositories containing git submodules hosted outside of GitHub.com and ghe.com.

  For more information, see GHSA-jwcm-9g39-pmcw

New Contributors

• @​daliusd made their first contribution in https://github.com/cli/cli/pull/9938

v2.62.0: GitHub CLI 2.62.0

Compare Source

What's Changed

• Update monotonic verification logic and testing by @​malancas in https://github.com/cli/cli/pull/9856
• Check extension for latest version when executed by @​andyfeller in https://github.com/cli/cli/pull/9866
• Shorten extension release checking from 3s to 1s by @​andyfeller in https://github.com/cli/cli/pull/9914
• Mention GitHub CLI team on discussion issues by @​andyfeller in https://github.com/cli/cli/pull/9920

Full Changelog: cli/cli@v2.61.0...v2.62.0

Security

• A security vulnerability has been identified in GitHub CLI that could allow remote code execution (RCE) when users connect to a malicious Codespace SSH server and use the gh codespace ssh or gh codespace logs commands.

  For more information, see GHSA-p2h2-3vg9-4p87

GitHub CLI notifies users about latest extension upgrades

Similar to the notification of latest gh releases, the v2.62.0 version of GitHub CLI will notify users about latest extension upgrades when the extension is used:

$ gh ado2gh
...

A new release of ado2gh is available: 1.7.0 → 1.8.0
To upgrade, run: gh extension upgrade ado2gh --force
https://github.com/github/gh-ado2gh

Why does this matter?

This removes a common pain point of extension authors as they have had to reverse engineer and implement a similar mechanism within their extensions directly.

With this quality of life improvement, there are 2 big benefits:

1. Extension authors will hopefully see increased adoption of newer releases while having lower bar to maintaining their extensions.
2. GitHub CLI users will have greater awareness of new features, bug fixes, and security fixes to the extensions used.

What do you need to do?

Extension authors should review their extensions and consider removing any custom logic previously implemented to notify users of new releases.

v2.61.0: GitHub CLI 2.61.0

Compare Source

Ensure users understand consequences before making repository visibility changes

In v2.61.0, gh repo edit command has been enhanced to inform users about consequences of changing visibility and ensure users are intentional before making irreversible changes:

1. Interactive gh repo edit visibility change requires confirmation when changing from public, private, or internal
2. Non-interactive gh repo edit --visibility change requires new --accept-visibility-change-consequences flag to confirm
3. New content to inform users of consequences
   • Incorporate GitHub Docs content into help usage and interactive gh repo edit experience
   • Expanded help usage to call out most concerning consequences
   • Display repository star and watcher counts to understand impact before confirming

What's Changed

• Add acceptance test for project command by @​jtmcg in https://github.com/cli/cli/pull/9816
• Add comprehensive testscript for gh ruleset by @​andyfeller in https://github.com/cli/cli/pull/9815
• Add comprehensive testscript for gh ext commandset by @​andyfeller in https://github.com/cli/cli/pull/9810
• Require visibility confirmation in gh repo edit by @​andyfeller in https://github.com/cli/cli/pull/9845
• Clean up skipped online tests for gh attestation verify by @​malancas in https://github.com/cli/cli/pull/9838
• gh attestation verify should only verify provenance attestations by default by @​malancas in https://github.com/cli/cli/pull/9825
• Set dnf5 commands as default by @​its-miroma in https://github.com/cli/cli/pull/9844
• Fix verbiage for deleting workflow runs by @​akx in https://github.com/cli/cli/pull/9876
• Bump github.com/creack/pty from 1.1.23 to 1.1.24 by @​dependabot in https://github.com/cli/cli/pull/9862
• gh attestation verify policy enforcement refactor by @​malancas in https://github.com/cli/cli/pull/9848
• Simplify Sigstore verification result handling in gh attestation verify by @​malancas in https://github.com/cli/cli/pull/9877
• Print empty array for gh cache list when --json is provided by @​williammartin in https://github.com/cli/cli/pull/9883
• Bump actions/attest-build-provenance from 1.4.3 to 1.4.4 by @​dependabot in https://github.com/cli/cli/pull/9884
• Create the automatic key when specified with -i by @​cmbrose in https://github.com/cli/cli/pull/9881
• fix: gh pr create -w ignore template flag by @​nilvng in https://github.com/cli/cli/pull/9863

New Contributors

• @​akx made their first contribution in https://github.com/cli/cli/pull/9876
• @​nilvng made their first contribution in https://github.com/cli/cli/pull/9863

Full Changelog: cli/cli@v2.60.1...v2.61.0

v2.60.1: GitHub CLI 2.60.1

Compare Source

This is a small patch release to fix installing gh via go install which was broken with v2.60.0.

What's Changed

• Update testscript to use hard fork by @​williammartin in https://github.com/cli/cli/pull/9821

Full Changelog: cli/cli@v2.60.0...v2.60.1

v2.60.0: GitHub CLI 2.60.0

Compare Source

What's Changed

• Add ArchivedAt field by @​tsukasaI in https://github.com/cli/cli/pull/9790
• Include startedAt, completedAt in run steps data by @​andyfeller in https://github.com/cli/cli/pull/9774
• Adjust environment help for host and tokens by @​williammartin in https://github.com/cli/cli/pull/9809
• Add handling of empty titles for Issues and PRs by @​jtmcg in https://github.com/cli/cli/pull/9701
• LiveSigstoreVerifier.Verify should error if no attestations are present by @​phillmv in https://github.com/cli/cli/pull/9742
• gh at verify retries fetching attestations if it receives a 5xx by @​phillmv in https://github.com/cli/cli/pull/9797
• Prevent local extension installations with invalid names and conflicts with core commands and other extensions by @​BagToad in https://github.com/cli/cli/pull/9794
• Rewrite a sentence in CONTRIBUTING.md by @​muzimuzhi in https://github.com/cli/cli/pull/9772
• Use new GitHub preview terms in working-with-us.md by @​BagToad in https://github.com/cli/cli/pull/9800
• Use new GitHub previews terminology in attestation commands' help docs by @​BagToad in https://github.com/cli/cli/pull/9799
• Clarify in README that gh is supported on GitHub Enterprise Cloud by @​BagToad in https://github.com/cli/cli/pull/9805
• build(deps): bump github.com/gabriel-vasile/mimetype from 1.4.5 to 1.4.6 by @​dependabot in https://github.com/cli/cli/pull/9752

Acceptance Test Changes

• Add acceptance tests for workflow, run, and cache commands by @​BagToad in https://github.com/cli/cli/pull/9766
• Add basic api acceptance tests by @​BagToad in https://github.com/cli/cli/pull/9770
• Add acceptance tests for release commands by @​BagToad in https://github.com/cli/cli/pull/9771
• Add acceptance tests for org and ssh-key commands by @​BagToad in https://github.com/cli/cli/pull/9812
• Add acceptance tests for gh auth commands by @​jtmcg in https://github.com/cli/cli/pull/9787
• Add acceptance tests for repo commands by @​jtmcg in https://github.com/cli/cli/pull/9783
• Add acceptance tests for search command by @​BagToad in https://github.com/cli/cli/pull/9786
• Add acceptance tests for variable commands by @​andyfeller in https://github.com/cli/cli/pull/978
• Add testscripts for gpg-key and label commands by @​williammartin in https://github.com/cli/cli/pull/9811
• Use forked testscript for token redaction by @​williammartin in https://github.com/cli/cli/pull/9804
• Add acceptance tests for secret commands by @​andyfeller in https://github.com/cli/cli/pull/9782
• Note token redaction in Acceptance test README by @​williammartin in https://github.com/cli/cli/pull/9813

New Contributors

• @​tsukasaI made their first contribution in https://github.com/cli/cli/pull/9790

Full Changelog: cli/cli@v2.59.0...v2.60.0

v2.59.0: GitHub CLI 2.59.0

Compare Source

What's Changed

• Allow community submitted design work by @​BagToad in https://github.com/cli/cli/pull/9683
• Improve SECURITY.md with expectations for privately reported vulnerabilities by @​BagToad in https://github.com/cli/cli/pull/9687
• Emit a log message when extension installation falls back to a darwin-amd64 binary on an Apple Silicon macOS device by @​timrogers in https://github.com/cli/cli/pull/9650
• Print the login URL even when opening a browser by @​ulfjack in https://github.com/cli/cli/pull/7091
• configurable maxwidth for markdown WithWrap() by @​smemsh in https://github.com/cli/cli/pull/9626
• Handle errors when parsing hostname in auth flow by @​BagToad in https://github.com/cli/cli/pull/9729
• Add repo license list/view and repo gitignore list/view by @​BagToad in https://github.com/cli/cli/pull/9721
• Introduce testscript acceptance tests generally, and for the PR command specifically by @​williammartin in https://github.com/cli/cli/pull/9745
• Support GH_ACCEPTANCE_SCRIPT env var to target a single script by @​williammartin in https://github.com/cli/cli/pull/9756
• Ensure Acceptance defer failures are debuggable by @​williammartin in https://github.com/cli/cli/pull/9754
• Add acceptance task to makefile by @​williammartin in https://github.com/cli/cli/pull/9748
• Add Acceptance tests for issue command by @​williammartin in https://github.com/cli/cli/pull/9757
• Update IsEnterprise and IsTenancy for orthogonality using go-gh by @​jtmcg in https://github.com/cli/cli/pull/9755
• Supporting filtering on gist list by @​heaths in https://github.com/cli/cli/pull/9728

New Contributors

• @​ulfjack made their first contribution in https://github.com/cli/cli/pull/7091
• @​smemsh made their first contribution in https://github.com/cli/cli/pull/9626

Full Changelog: cli/cli@v2.58.0...v2.59.0

v2.58.0: GitHub CLI 2.58.0

Compare Source

What's Changed

• Better messaging for attestation verify custom issuer mismatch error by @​bdehamer in https://github.com/cli/cli/pull/9616
• Enhance gh repo create docs, fix random cmd link by @​andyfeller in https://github.com/cli/cli/pull/9630
• Add HasActiveToken method to AuthConfig to refactor auth check for attestation trusted-root command by @​BagToad in https://github.com/cli/cli/pull/9635
• Improve the suggested command for creating an issue when an extension doesn't have a binary for your platform by @​timrogers in https://github.com/cli/cli/pull/9608
• Disable auth check for attestation trusted-root command by @​bdehamer in https://github.com/cli/cli/pull/9610
• build(deps): bump github.com/henvic/httpretty from 0.1.3 to 0.1.4 by @​dependabot in https://github.com/cli/cli/pull/9645
• Fix tenant-awareness for trusted-root command by @​bdehamer in https://github.com/cli/cli/pull/9638
• Replace "GitHub Enterprise Server" option with "other" in gh auth login prompting by @​jtmcg in https://github.com/cli/cli/pull/9642
• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.4 to 2.0.5 by @​dependabot in https://github.com/cli/cli/pull/9634
• Add dnf5 instructions to docs/install_linux.md by @​its-miroma in https://github.com/cli/cli/pull/9660
• build(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.0.0 to 2.0.1 by @​dependabot in https://github.com/cli/cli/pull/9688

New Contributors

• @​its-miroma made their first contribution in https://github.com/cli/cli/pull/9660

Full Changelog: cli/cli@v2.57.0...v2.58.0

v2.57.0: GitHub CLI 2.57.0

Compare Source

What's Changed

• Move non-integration tests to different test file by @​codysoyland in https://github.com/cli/cli/pull/9577
• Added tenancy aware attestation commands by @​kommendorkapten in https://github.com/cli/cli/pull/9542
• Added --active flag to the gh auth status command by @​velumuruganr in https://github.com/cli/cli/pull/9520
• build(deps): bump github.com/sigstore/sigstore-go from 0.6.1 to 0.6.2 by @​dependabot in https://github.com/cli/cli/pull/9601
• gh attestation verify test for custom OIDC issuers by @​bdehamer in https://github.com/cli/cli/pull/9595
• Suggest installing Rosetta when extension installation fails due to missing darwin-arm64 binary, but a darwin-amd64 binary is available by @​timrogers in https://github.com/cli/cli/pull/9599
• Update gh attestation verify bundle parsing and validation errors by @​malancas in https://github.com/cli/cli/pull/9564
• Suppress attestation verify output when no TTY present by @​bdehamer in https://github.com/cli/cli/pull/9612
• Use api subdomains for tenant hosts by @​williammartin in https://github.com/cli/cli/pull/9618

New Contributors

• @​kommendorkapten made their first contribution in https://github.com/cli/cli/pull/9542
• @​velumuruganr made their first contribution in https://github.com/cli/cli/pull/9520
• @​bdehamer made their first contribution in https://github.com/cli/cli/pull/9595
• @​timrogers made their first contribution in https://github.com/cli/cli/pull/9599

Full Changelog: cli/cli@v2.56.0...v2.57.0

v2.56.0: GitHub CLI 2.56.0

Compare Source

Important note about renewed GPG key

The Debian and RedHat releases have been signed with a new GPG key. If you are experiencing issues updating your .deb or .rpm packages, please read cli/cli#9569.

What's Changed

• Always print URL scheme to stdout by @​heaths in https://github.com/cli/cli/pull/9471
• Quote repo names consistently in gh repo sync stdout by @​muzimuzhi in https://github.com/cli/cli/pull/9491
• Fetch bundle from OCI registry for verify by @​ejahnGithub in https://github.com/cli/cli/pull/9421
• Remove Internal from gh repo create prompt when owner is not an org by @​jtmcg in https://github.com/cli/cli/pull/9465
• Drop surplus trailing space char in flag names in web by @​muzimuzhi in https://github.com/cli/cli/pull/9495
• fix the trimming of log filenames for gh run view by @​benebsiny in https://github.com/cli/cli/pull/9482
• "offline" verification using the bundle of attestations without any additional handling of the file by @​aryanbhosale in https://github.com/cli/cli/pull/9523
• build(deps): bump actions/attest-build-provenance from 1.4.1 to 1.4.2 by @​dependabot in https://github.com/cli/cli/pull/9518
• Fix doc typo for repo sync by @​muzimuzhi in https://github.com/cli/cli/pull/9509
• Correct the help message for -F by @​Goooler in https://github.com/cli/cli/pull/9525
• chore: fix some function names by @​crystalstall in https://github.com/cli/cli/pull/9555
• verify 2nd artifact without swapping order by @​aryanbhosale in https://github.com/cli/cli/pull/9532
• gh attestation verify handles empty JSONL files by @​malancas in https://github.com/cli/cli/pull/9541
• Enhance Linux installation docs to redirect users to GPG renewal issue, better troubleshooting support by @​andyfeller in https://github.com/cli/cli/pull/9573
• Upgrade sigstore-go to v0.6.1 by @​codysoyland in https://github.com/cli/cli/pull/9566
• Check for nil values to prevent nil dereference panic by @​codysoyland in https://github.com/cli/cli/pull/9578
• build(deps): bump actions/attest-build-provenance from 1.4.2 to 1.4.3 by @​dependabot in https://github.com/cli/cli/pull/9575

New Contributors

• @​aryanbhosale made their first contribution in https://github.com/cli/cli/pull/9523
• @​Goooler made their first contribution in https://github.com/cli/cli/pull/9525
• @​crystalstall made their first contribution in https://github.com/cli/cli/pull/9555

Full Changelog: cli/cli@v2.55.0...v2.56.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.