v2.0.8

Changelog

🧰 Maintenance

• chore(deps): bump cryptography from 46.0.6 to 46.0.7 @dependabot[bot] (#451)
• chore(deps): bump types-requests from 2.32.4.20260107 to 2.33.0.20260327 in the dependencies group across 1 directory @dependabot[bot] (#450)
• chore(deps): bump astral-sh/setup-uv from 7.3.1 to 8.0.0 @dependabot[bot] (#449)
• chore(deps): bump github/codeql-action from 4.32.6 to 4.35.1 in the dependencies group @dependabot[bot] (#448)

See details of all code changes since previous release

v2.0.7

Changelog

🐛 Bug Fixes

• fix: compare sponsor_info as bool instead of string @jmeridth (#446)

🧰 Maintenance

• chore(deps): bump requests from 2.33.0 to 2.33.1 @dependabot[bot] (#444)
• chore(deps): bump pytest-cov from 7.0.0 to 7.1.0 in the dependencies group @dependabot[bot] (#443)
• chore(deps): bump the dependencies group with 5 updates @dependabot[bot] (#442)

See details of all code changes since previous release

v2.0.6

Changelog

🧰 Maintenance

• chore(deps): bump cryptography from 46.0.5 to 46.0.6 @dependabot[bot] (#440)

See details of all code changes since previous release

v2.0.5

Changelog

🐛 Bug Fixes

• fix: prevent dev dependency downloads at runtime @zkoppert (#434)
• fix: update harden-runner action to v2.16.0 due to security issue @jmeridth (#435)
• fix: tighten workflow permissions, add security hardening, and fix uv tool invocations @jmeridth (#431)

🧰 Maintenance

• chore(deps): bump requests from 2.32.5 to 2.33.0 @dependabot[bot] (#438)
• chore(deps): bump github-community-projects/contributors from 1.7.8 to 2.0.4 @dependabot[bot] (#437)
• chore(deps): bump kenyonj/mark-ready-when-ready from 33b13c51ba23786efb933701ef253352baf05bdd to b6279addd55dd13208965a9eff24b2cf1989a8ef @dependabot[bot] (#436)
• chore(deps): bump github/codeql-action from 3.32.6 to 4.32.6 @dependabot[bot] (#432)

See details of all code changes since previous release

v2.0.4

Changelog

• chore: Update ospo-reusable-workflows to new GitHub org @jmeridth (#422)

🐛 Bug Fixes

• fix: add --project flag to uv entrypoint for GitHub Actions compatibility @jmeridth (#429)
• fix: pin uv version and add caching to CI workflows @jmeridth (#424)
• fix: store new_contributor parameter in init @zkoppert (#407)

🧰 Maintenance

• ci: add mark-ready-when-ready workflow @zkoppert (#428)
• chore(deps): bump github/codeql-action from 4.32.4 to 4.32.6 in the dependencies group @dependabot[bot] (#427)
• chore(deps): switch dependabot package ecosystem from pip to uv @jmeridth (#426)
• chore(deps-dev): bump black from 26.1.0 to 26.3.1 in the uv group across 1 directory @dependabot[bot] (#425)
• build: harden CI with frozen installs and octo-sts token federation @jmeridth (#418)
• chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 @dependabot[bot] (#421)
• chore(deps): bump astral-sh/setup-uv from 5.4.1 to 7.3.1 @dependabot[bot] (#420)
• chore(deps): bump python-dotenv from 1.2.1 to 1.2.2 in the dependencies group @dependabot[bot] (#419)

See details of all code changes since previous release

v2.0.3

Changelog

🐛 Bug Fixes

• fix: harden pip install against supply chain attacks @zkoppert (#415)

🧰 Maintenance

• build: switch from pip to uv for dependency management @jmeridth (#416)

See details of all code changes since previous release

v2.0.2

Changelog

🐛 Bug Fixes

• fix: convert app_id to string before login_as_app_installation call @jmeridth (#413)
• fix: use commits-first approach to avoid rate limiting and missing contributors @zkoppert (#409)
• fix: resolve pylint config errors breaking super-linter @jmeridth (#408)
• fix: Update action.yml to use v2 image @jmeridth (#404)

🧰 Maintenance

• chore(deps): bump github/codeql-action from 4.31.9 to 4.32.4 in the dependencies group @dependabot[bot] (#412)
• chore(deps): bump pylint from 4.0.4 to 4.0.5 in the dependencies group @dependabot[bot] (#411)

See details of all code changes since previous release

v2.0.1

Changelog

🧰 Maintenance

• chore: update CODEOWNERS to individual maintainers @jmeridth (#401)
• chore: remove reviewer checklist from PR template @jmeridth (#402)
• docs: add repository relocation banner to README @jmeridth (#400)

See details of all code changes since previous release

v2.0.0

Changelog

🐛 Bug Fixes

• fix: Update org references from github/ to github-community-projects/ @zkoppert (#398)

See details of all code changes since previous release

v1.8.0

Changelog

🚀 Features

• feat: add OUTPUT_FILENAME to customize markdown output @vchrombie (#387)

🐛 Bug Fixes

• fix: validate END_DATE is not before or equal to START_DATE @copilot-swe-agent[bot] (#382)

🧰 Maintenance

• chore(deps): bump actions/stale from 10.1.1 to 10.2.0 in the dependencies group @dependabot[bot] (#396)
• test: cover remaining contributor paths @vchrombie (#395)
• chore(deps): bump the dependencies group across 1 directory with 2 updates @dependabot[bot] (#393)
• chore(deps): bump types-requests from 2.32.4.20250913 to 2.32.4.20260107 @dependabot[bot] (#386)
• chore(deps): bump black from 25.12.0 to 26.1.0 @dependabot[bot] (#389)
• chore(deps): bump mypy from 1.19.0 to 1.19.1 in the dependencies group @dependabot[bot] (#379)
• chore(deps): bump the dependencies group with 7 updates @dependabot[bot] (#380)
• chore(deps): bump black from 25.11.0 to 25.12.0 in the dependencies group @dependabot[bot] (#377)
• chore(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 @dependabot[bot] (#378)

See details of all code changes since previous release