The v3 action inputs (check:, from:) no longer match the v4 API.
Switch to v4 with command: check and pass the git range as a positional
args value (SHA..HEAD) which is what cog check accepts.
- cargo deny: add MPL-2.0 and BSD-3-Clause to allow list (colored via
simple_logger/mockito; encoding_rs via reqwest)
- conventional commits: use explicit SHA of last pre-conventional commit
instead of from_latest_tag (no tags exist yet in the repo)
- MSRV: raise rust-version 1.80 -> 1.88 to match the actual minimum
required by the dependency tree (simple_logger -> time 0.3 -> 1.88)
- MSRV CI: update toolchain pin to 1.88 to match
- macOS test: remove Swatinem/rust-cache from test matrix job to avoid
stale cache corrupting the cargo binary path on arm64 runners
- Replace serde_yml with serde_norway (RUSTSEC-2025-0068: serde_yml is
unsound and archived; serde_norway is the recommended maintained fork)
- Remove unused toml dependency (was resolving to v1.1.2 which requires
edition2024/Rust 1.85, breaking the MSRV 1.80 check)
- Run cargo fmt to fix formatting diffs caught by lint job
- Fix cog commit check to use from_latest_tag so pre-conventional-commits
history does not cause the check to fail
- Remove semver job: dredge is a binary-only crate with no lib target,
cargo-semver-checks cannot check it
- Add features list, installation section, and prerequisites
- Document all subcommands with realistic examples and argument tables
- Add REGISTRY argument format table
- Fix typo 'Deleteing' -> 'Deleting'
- Add known limitations section
- api: extract check_api_version_header() helper, eliminating duplicated
header-checking logic in parse_response_status()
- api: simplify parse_rfc5988() using split_once and let-else
- api: propagate JSON decode errors in fetch_paginated() instead of
silently swallowing them
- api: add connect/request timeouts via a shared build_client() helper;
all handlers now use a configured client instead of reqwest::get()
- api: fix stale log trace name get_manifest -> get_digest
- commands: promote inline response structs to module-level for clarity
- commands: fix etag stripping logic (was using wrong quote/apostrophe
pattern; now correctly strips RFC 7232 double-quotes)
- commands: simplify iterator chains in catalog/tags handlers
- error: simplify ResponseHeaderParseError from Box<dyn Error> to String
- main: fix stale log trace name make_registry_url -> parse_registry_arg
- main: use as_deref().unwrap_or() instead of allocating via to_owned()
- cli: remove unused imports and #![allow(unused_imports)] attribute
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
dependabot[bot]
Anthony Oteri