Bump the go-patch group across 3 directories with 13 updates #1462

dependabot · 2024-10-14T05:28:53Z

Bumps the go-patch group with 6 updates in the / directory:

Package	From	To
github.com/aws/aws-sdk-go-v2/config	`1.27.17`	`1.27.43`
github.com/cyphar/filepath-securejoin	`0.3.1`	`0.3.4`
github.com/elgohr/go-localstack	`1.0.20`	`1.0.113`
github.com/jenkins-x/go-scm	`1.14.11`	`1.14.43`
github.com/kubescape/go-git-url	`0.0.25`	`0.0.30`
github.com/spf13/cobra	`1.8.0`	`1.8.1`

Bumps the go-patch group with 2 updates in the /api directory: github.com/go-logr/logr and github.com/onsi/gomega.
Bumps the go-patch group with 3 updates in the /tfctl directory: github.com/go-logr/logr, github.com/onsi/gomega and github.com/spf13/cobra.

Updates github.com/aws/aws-sdk-go-v2/config from 1.27.17 to 1.27.43

Commits

0cbb5aa Release 2024-10-08
54c1dd6 Regenerated Clients
2cde144 Update endpoints model
67fbd35 Update API model
aa04330 Allow non-nil but empty headers (#2826)
5a4e5bb add feature tracking for cbor protocol (#2821)
183987c add annotations to deprecated services and introduce codegen integration for ...
b737dc9 Release 2024-10-07
7279a51 Regenerated Clients
a1b1f5a Update endpoints model
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.17 to 1.17.41

Commits

0cbb5aa Release 2024-10-08
54c1dd6 Regenerated Clients
2cde144 Update endpoints model
67fbd35 Update API model
aa04330 Allow non-nil but empty headers (#2826)
5a4e5bb add feature tracking for cbor protocol (#2821)
183987c add annotations to deprecated services and introduce codegen integration for ...
b737dc9 Release 2024-10-07
7279a51 Regenerated Clients
a1b1f5a Update endpoints model
Additional commits viewable in compare view

Updates github.com/aws/smithy-go from 1.20.3 to 1.22.0

Changelog

Sourced from github.com/aws/smithy-go's changelog.

Release (2024-10-03)

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/smithy-go: v1.22.0

Feature: Add HTTP client metrics.

Release (2024-09-25)

Module Highlights

github.com/aws/smithy-go/aws-http-auth: v1.0.0

Release: Initial release of module aws-http-auth, which implements generically consumable SigV4 and SigV4a request signing.

Release (2024-09-19)

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/smithy-go: v1.21.0

Feature: Add tracing and metrics APIs, and builtin instrumentation for both, in generated clients.

github.com/aws/smithy-go/metrics/smithyotelmetrics: v1.0.0

Release: Initial release of smithyotelmetrics module, which is used to adapt an OpenTelemetry SDK meter provider to be used with Smithy clients.

github.com/aws/smithy-go/tracing/smithyoteltracing: v1.0.0

Release: Initial release of smithyoteltracing module, which is used to adapt an OpenTelemetry SDK tracer provider to be used with Smithy clients.

Release (2024-08-14)

Module Highlights

github.com/aws/smithy-go: v1.20.4

Dependency Update: Bump minimum Go version to 1.21.

Release (2024-06-27)

Module Highlights

github.com/aws/smithy-go: v1.20.3

Bug Fix: Fix encoding/cbor test overflow on x86.

Release (2024-03-29)

No change notes available for this release.

Release (2024-02-21)

Module Highlights

github.com/aws/smithy-go: v1.20.1

Bug Fix: Remove runtime dependency on go-cmp.

... (truncated)

Commits

d479fb7 Release 2024-10-03
26886e2 add http client metrics (#543)
c175324 Print output when executing commands when exit code != 0 (#540)
ec6d6f9 Release 2024-09-25
3187256 changelog
f1f22c5 introduce new aws-http-auth module which implements sigv4 and sigv4a (#541)
85dcb19 Release 2024-09-19
d2ad136 add tracing and metrics support to generated clients (#538)
f0c6adf Release 2024-08-14
f908d96 remove non-runtime changelog
Additional commits viewable in compare view

Updates github.com/cyphar/filepath-securejoin from 0.3.1 to 0.3.4

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.3.4

This release primarily includes a fix that blocked using filepath-securejoin in Kubernetes.

Previously, some testing mocks we had resulted in us doing import "testing" in non-_test.go code, which made some downstreams like Kubernetes unhappy. This has been fixed. (#32)

Thanks to all of the contributors who made this release possible:

Aleksa Sarai cyphar@cyphar.com

Stephen Kitt skitt@redhat.com

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

v0.3.3

This release primarily includes fixes for spurious errors we hit when checking that directories created by MkdirAll "look right". Upon further consideration, these checks were fundamentally buggy and didn't offer any practical protection anyway.

The mode and owner verification logic in MkdirAll has been removed. This was originally intended to protect against some theoretical attacks but upon further consideration these protections don't actually buy us anything and they were causing spurious errors with more complicated filesystem setups.

The "is the created directory empty" logic in MkdirAll has also been removed. This was not causing us issues yet, but some pseudofilesystems (such as cgroup) create non-empty directories and so this logic would've been wrong for such cases.

Thanks to all of the contributors who made this release possible:

Aleksa Sarai cyphar@cyphar.com

Kir Kolyshkin kolyshkin@gmail.com

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

v0.3.2

This release includes a few fixes for MkdirAll when dealing with S_ISUID and S_ISGID, to solve a regression runc hit when switching to MkdirAll.

Passing the S_ISUID or S_ISGID modes to MkdirAllInRoot will now return an explicit error saying that those bits are ignored by mkdirat(2). In the past a different error was returned, but since the silent ignoring behaviour is codified in the man pages a more explicit error seems apt. While silently ignoring these bits would be the most compatible option, it could lead to users thinking their code sets these bits when it doesn't. Programs that need to deal with compatibility can mask the bits themselves. (#23, #25)

... (truncated)

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.3.4] - 2024-10-09

Fixed

Previously, some testing mocks we had resulted in us doing import "testing" in non-_test.go code, which made some downstreams like Kubernetes unhappy. This has been fixed. (#32)

[0.3.3] - 2024-09-30

Fixed

The mode and owner verification logic in MkdirAll has been removed. This was originally intended to protect against some theoretical attacks but upon further consideration these protections don't actually buy us anything and they were causing spurious errors with more complicated filesystem setups.

The "is the created directory empty" logic in MkdirAll has also been removed. This was not causing us issues yet, but some pseudofilesystems (such as cgroup) create non-empty directories and so this logic would've been wrong for such cases.

[0.3.2] - 2024-09-13

Changed

Passing the S_ISUID or S_ISGID modes to MkdirAllInRoot will now return an explicit error saying that those bits are ignored by mkdirat(2). In the past a different error was returned, but since the silent ignoring behaviour is codified in the man pages a more explicit error seems apt. While silently ignoring these bits would be the most compatible option, it could lead to users thinking their code sets these bits when it doesn't. Programs that need to deal with compatibility can mask the bits themselves. (#23, #25)

Fixed

If a directory has S_ISGID set, then all child directories will have S_ISGID set when created and a different gid will be used for any inode created under the directory. Previously, the "expected owner and mode" validation in securejoin.MkdirAll did not correctly handle this. We now correctly handle this case. (#24, #25)

Commits

fd16ade VERSION: release v0.3.4
00e0710 godoc: update package documentation
0cd6be1 README: fix reference to open_tree kernel requirements
205046f README: add pkg.go.dev badge
ecb1b8e tests: procfs: clean up mock test hook
3ec6eed CHANGELOG: mention #32 fix
86e6182 merge #32 into cyphar/filepath-securejoin:main
6864912 Isolate the testing import in test code
4348fee openat: remove unused function
d0c7d67 merge #31 into cyphar/filepath-securejoin:main
Additional commits viewable in compare view

Updates github.com/elgohr/go-localstack from 1.0.20 to 1.0.113

Commits

5966c11 Merge pull request #983 from elgohr/dependabot/go_modules/github.com/maxbruns...
28b89db Bump github.com/maxbrunsfeld/counterfeiter/v6 from 6.9.0 to 6.10.0
6d4967d Merge pull request #982 from elgohr/dependabot/go_modules/docker-c4b95dffb6
9d08f74 Bump the docker group with 2 updates
f2338a6 Merge pull request #980 from elgohr/dependabot/go_modules/docker-12c74cbbec
2a3219b Bump the docker group with 2 updates
e1faedc Merge pull request #981 from elgohr/dependabot/go_modules/github.com/maxbruns...
aa3a744 Bump github.com/maxbrunsfeld/counterfeiter/v6 from 6.8.1 to 6.9.0
2fc3485 Merge pull request #979 from elgohr/dependabot/go_modules/aws-sdk-6b3fa0658d
53cc661 Bump the aws-sdk group with 2 updates
Additional commits viewable in compare view

Updates github.com/jenkins-x/go-scm from 1.14.11 to 1.14.43

Release notes

Sourced from github.com/jenkins-x/go-scm's releases.

1.14.43

Changes in version 1.14.43

Chores

release 1.14.43 (jenkins-x-bot)

add variables (jenkins-x-bot)

deps: bump github.com/bluekeyes/go-gitdiff from 0.7.4 to 0.8.0 (dependabot[bot])

1.14.42

Changes in version 1.14.42

Bug Fixes

updating gitea demo url (Mårten Svantesson)

readable diffs (Mårten Svantesson)

pull request should be null for issues (Mårten Svantesson)

Chores

release 1.14.42 (jenkins-x-bot)

add variables (jenkins-x-bot)

1.14.41

Changes in version 1.14.41

Chores

release 1.14.41 (jenkins-x-bot)

add variables (jenkins-x-bot)

deps: bump github.com/bluekeyes/go-gitdiff from 0.7.3 to 0.7.4 (dependabot[bot])

1.14.40

Changes in version 1.14.40

Chores

release 1.14.40 (jenkins-x-bot)

add variables (jenkins-x-bot)

deps: bump k8s.io/apimachinery from 0.30.2 to 0.30.3 (dependabot[bot])

1.14.39

Changes in version 1.14.39

Chores

release 1.14.39 (jenkins-x-bot)

add variables (jenkins-x-bot)

deps: bump k8s.io/apimachinery from 0.29.0 to 0.30.2 (dependabot[bot])

... (truncated)

Commits

b29dca5 chore: release 1.14.43
7cb6258 chore: add variables
4b6f912 Merge pull request #456 from jenkins-x/dependabot/go_modules/github.com/bluek...
6189096 chore(deps): bump github.com/bluekeyes/go-gitdiff from 0.7.4 to 0.8.0
357a1be Merge pull request #459 from jenkins-x/pullrequestnull
635708f fix: updating gitea demo url
7a98a89 fix: readable diffs
96ab517 fix: pull request should be null for issues
12239b8 Merge pull request #452 from jenkins-x/dependabot/go_modules/github.com/bluek...
2414a0d Merge pull request #451 from jenkins-x/dependabot/go_modules/k8s.io/apimachin...
Additional commits viewable in compare view

Updates github.com/kubescape/go-git-url from 0.0.25 to 0.0.30

Commits

d27eb58 Merge pull request #16 from kubescape/fix-gitlab
1ba58cb use detected host in gitlab api
afc1c54 Merge pull request #15 from kubescape/fix-gitlab
29a0174 also support self hosted gitlab in NewGitAPI
1d0b89d Merge pull request #14 from kubescape/fix-gitlab
ec5afaf add support for self-hosted gitlab
0a7f7ed Merge pull request #13 from kubescape/fix-gitlab
5dd5ab2 fix gitlab project ID generation
36432da Merge pull request #12 from hectorj2f/fix_git_urls_cve
e2ce7a0 replace whilp/git-urls module by chainguard-dev/git-urls
See full diff in compare view

Updates github.com/maxbrunsfeld/counterfeiter/v6 from 6.9.0 to 6.10.0

Commits

241cc37 add integration test to validate type aliases are treated correctly
ac22042 issue #298 - go 1.23 go/types alias change
224623a Merge pull request #300 from maxbrunsfeld/dependabot/go_modules/golang.org/x/...
16e7f66 Bump golang.org/x/tools from 0.25.0 to 0.26.0
92721d4 Merge pull request #299 from maxbrunsfeld/dependabot/go_modules/golang.org/x/...
f5b33b8 Bump golang.org/x/text from 0.18.0 to 0.19.0
b15b881 Merge pull request #296 from maxbrunsfeld/dependabot/go_modules/github.com/on...
63d30a8 Bump github.com/onsi/gomega from 1.34.1 to 1.34.2
See full diff in compare view

Updates github.com/onsi/gomega from 1.34.1 to 1.34.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.2

1.34.2

Require Go 1.22+

Maintenance

bump ginkgo as well [c59c6dc]

bump to go 1.22 - remove x/exp dependency [8158b99]

v1.34.1

1.34.1

Maintenance

Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.2

Require Go 1.22+

Maintenance

bump ginkgo as well [c59c6dc]

bump to go 1.22 - remove x/exp dependency [8158b99]

1.34.1

Maintenance

Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

Commits

7cabed6 v1.34.2
c59c6dc bump ginkgo as well
8158b99 bump to go 1.22 - remove x/exp dependency
fa057b8 v1.34.1
5e71dcd Use slices from exp/slices to keep golang 1.20 compat
See full diff in compare view

Updates github.com/spf13/cobra from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.1

✨ Features

Add env variable to suppress completion descriptions on create by @scop in spf13/cobra#1938

🐛 Bug fixes

Micro-optimizations by @scop in spf13/cobra#1957

🔧 Maintenance

build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 by @dependabot in spf13/cobra#2127

Consistent annotation names by @nirs in spf13/cobra#2140

Remove fully inactivated linters by @nirs in spf13/cobra#2148

Address golangci-lint deprecation warnings, enable some more linters by @scop in spf13/cobra#2152

🧪 Testing & CI/CD

Add test for func in cobra.go by @korovindenis in spf13/cobra#2094

ci: test golang 1.22 by @cyrilico in spf13/cobra#2113

Optimized and added more linting by @scop in spf13/cobra#2099

build(deps): bump actions/setup-go from 4 to 5 by @dependabot in spf13/cobra#2087

build(deps): bump actions/labeler from 4 to 5 by @dependabot in spf13/cobra#2086

build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in spf13/cobra#2108

build(deps): bump actions/cache from 3 to 4 by @dependabot in spf13/cobra#2102

✏️ Documentation

Fixes and docs for usage as plugin by @nirs in spf13/cobra#2070

flags: clarify documentation that LocalFlags related function do not modify the state by @niamster in spf13/cobra#2064

chore: remove repetitive words by @racerole in spf13/cobra#2122

Add LXC to the list of projects using Cobra @VaradBelwalkar in spf13/cobra#2071

Update projects_using_cobra.md by @marcuskohlberg in spf13/cobra#2089

[chore]: update projects using cobra by @cmwylie19 in spf13/cobra#2093

Add Taikun CLI to list of projects by @Smidra in spf13/cobra#2098

Add Incus to the list of projects using Cobra by @montag451 in spf13/cobra#2118

... (truncated)

Commits

e94f6d0 Address golangci-lint deprecation warnings, enable some more linters (#2152)
8003b74 Remove fully inactivated linters (#2148)
5c2c1d6 Consistent annotation names (#2140)
5a1acea build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 (#2127)
0fc86c2 docs: update user guide (#2128)
6b5f577 More linting (#2099)
bd914e5 fix: remove deprecated io/ioutils package (#2120)
1f80fa2 chore: remove repetitive words (#2122)
c69ae4c ci: test golang 1.22 (#2113)
a30cee5 build(deps): bump actions/cache from 3 to 4 (#2102)
Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.30.1 to 0.30.3

Commits

See full diff in compare view

Updates github.com/go-logr/logr from 1.4.1 to 1.4.2

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.2

What's Changed

Fix lint: named but unused params by @thockin in go-logr/logr#268

Add a Go report card, fix lint by @thockin in go-logr/logr#271

funcr: Handle nested empty groups properly by @thockin in go-logr/logr#274

Dependencies:

build(deps): bump github/codeql-action from 3.22.11 to 3.22.12 by @dependabot in go-logr/logr#254

build(deps): bump github/codeql-action from 3.22.12 to 3.23.0 by @dependabot in go-logr/logr#256

build(deps): bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in go-logr/logr#257

build(deps): bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in go-logr/logr#259

build(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in go-logr/logr#260

build(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in go-logr/logr#263

build(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in go-logr/logr#262

build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in go-logr/logr#264

build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in go-logr/logr#266

build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in go-logr/logr#267

build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @dependabot in go-logr/logr#270

build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in go-logr/logr#272

build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in go-logr/logr#275

build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in go-logr/logr#276

build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in go-logr/logr#277

build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by @dependabot in go-logr/logr#278

build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in go-logr/logr#279

build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in go-logr/logr#280

build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in go-logr/logr#281

build(deps): bump github/codeql-action from 3.24.10 to 3.25.1 by @dependabot in go-logr/logr#282

build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 by @dependabot in go-logr/logr#283

build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in go-logr/logr#284

build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in go-logr/logr#285

build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in go-logr/logr#286

build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in go-logr/logr#288

build(deps): bump golangci/golangci-lint-action from 5.0.0 to 5.3.0 by @dependabot in go-logr/logr#289

build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 by @dependabot in go-logr/logr#293

build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by @dependabot in go-logr/logr#292

build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in go-logr/logr#291

build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in go-logr/logr#290

build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by @dependabot in go-logr/logr#294

build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in go-logr/logr#295

Full Changelog: go-logr/logr@v1.4.1...v1.4.2

Commits

1205f42 Merge pull request #295 from go-logr/dependabot/github_actions/actions/checko...
ccedcbd Merge pull request #294 from go-logr/dependabot/github_actions/github/codeql-...
bead577 build(deps): bump actions/checkout from 4.1.5 to 4.1.6
a492d95 build(deps): bump github/codeql-action from 3.25.4 to 3.25.5
19ad07c build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
1c97a21 build(deps): bump actions/checkout from 4.1.4 to 4.1.5
f70c5b5 build(deps): bump github/codeql-action from 3.25.3 to 3.25.4
4ade8d3 build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1
88d98bd Merge pull request #289 from go-logr/dependabot/github_actions/golangci/golan...
432cd86 Merge pull request #288 from go-logr/dependabot/github_actions/actions/setup-...
Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.34.0 to 1.34.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.2

1.34.2

Require Go 1.22+

Maintenance

bump ginkgo as well [c59c6dc]

bump to go 1.22 - remove x/exp dependency [8158b99]

v1.34.1

1.34.1

Maintenance

Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.2

Require Go 1.22+

Maintenance

bump ginkgo as well [c59c6dc]

bump to go 1.22 - remove x/exp dependency [8158b99]

1.34.1

Maintenance

Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

Commits

7cabed6 v1.34.2
c59c6dc bump ginkgo as well
8158b99 bump to go 1.22 - remove x/exp dependency
fa057b8 v1.34.1
5e71dcd Use slices from exp/slices to keep golang 1.20 compat
See full diff in compare view

Updates golang.org/x/net from 0.25.0 to 0.28.0

Commits

4542a42 go.mod: update golang.org/x dependencies
765c7e8 xsrftoken: create no padding base64 string by RawURLEncoding
032e4e4 LICENSE: update per Google Legal
e2310ae go.mod: update golang.org/x dependencies
77708f7 quic: skip tests which depend on unimplemented UDP functions on Plan 9
9617c63 http2: avoid Transport hang with Connection: close and AllowHTTP
66e838c go.mod: update golang.org/x dependencies
6249541 http2: avoid race in server handler SetReadDeadine/SetWriteDeadline
603e3e6 quic: disable X25519Kyber768Draft00 in tests
67e8d0c http2: report an error if goroutines outlive serverTester tests
Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.4.1 to 1.4.2

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.2

What's Changed

Fix lint: named but unused params by @thockin in go-logr/logr#268

Add a Go report card, fix lint by @thockin in go-logr/logr#271

funcr: Handle nested empty groups properly by @thockin in go-logr/logr#274

Dependencies:

build(deps): bump github/codeql-action from 3.22.11 to 3.22.12 by @dependabot in go-logr/logr#254

build(deps): bump github/codeql-action from 3.22.12 to 3.23.0 by @dependabot in go-logr/logr#256

build(deps): bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in go-logr/logr#257

build(deps): bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in go-logr/logr#259

build(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in go-logr/logr#260

build(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in go-logr/logr#263

build(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in go-logr/logr#262

build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in go-logr/logr#264

build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in go-logr/logr#266

build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in go-logr/logr#267

build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @dependabot in go-logr/logr#270

build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in go-logr/logr#272

build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in go-logr/logr#275

build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in go-logr/logr#276

build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in go-logr/logr#277

build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by @dependabot in go-logr/logr#278

build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in go-logr/logr#279

build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in go-logr/logr#280

build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in go-logr/logr#281

build(deps): bump github/codeql-action from 3.24.10 to 3.25.1 by @dependabot in go-logr/logr#282

build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 by @dependabot in go-logr/logr#283

build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in go-logr/logr#284

build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in go-logr/logr#285

build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in go-logr/logr#286

build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in go-logr/logr#288

build(deps): bump golangci/golangci-lint-action from 5.0.0 to 5.3.0 by @dependabot in go-logr/logr#289

build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 by @dependabot in go-logr/logr#293

build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by @dependabot in go-logr/logr#292

build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in go-logr/logr#291

build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in go-logr/logr#290

build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by @dependabot in go-logr/logr#294

build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in go-logr/logr#295

Full Changelog: go-logr/logr@v1.4.1...v1.4.2

Commits

1205f42 Merge pull request #295 from go-logr/dependabot/github_actions/actions/checko...
ccedcbd Merge pull request #294 from go-logr/dependabot/github_actions/github/codeql-...
bead577 build(deps): bump actions/checkout from 4.1.5 to 4.1.6
a492d95 build(deps): bump github/codeql-action from 3.25.4 to 3.25.5
19ad07c build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
1c97a21 build(deps): bump actions/checkout from 4.1.4 to 4.1.5
f70c5b5 build(deps): bump github/codeql-action from 3.25.3 to 3.25.4
4ade8d3 build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1
88d98bd Merge pull request #289 from go-logr/dependabot/github_actions/golangci/golan...
432cd86 Merge pull request #288 from go-logr/dependabot/github_actions/actions/setup-...
Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.34.0 to 1.34.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.2

1.34.2

Require Go 1.22+

Maintenance

bump ginkgo as well [c59c6dc]

bump to go 1.22 - remove x/exp dependency [8158b99]

v1.34.1

1.34.1

Maintenance

Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.2

Require Go 1.22+

Maintenance

bump ginkgo as well [c59c6dc]

bump to go 1.22 - remove x/exp dependency [8158b99]

1.34.1

Maintenance

Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

Commits

Description has been truncated

Bumps the go-patch group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.27.17` | `1.27.43` | | [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) | `0.3.1` | `0.3.4` | | [github.com/elgohr/go-localstack](https://github.com/elgohr/go-localstack) | `1.0.20` | `1.0.113` | | [github.com/jenkins-x/go-scm](https://github.com/jenkins-x/go-scm) | `1.14.11` | `1.14.43` | | [github.com/kubescape/go-git-url](https://github.com/kubescape/go-git-url) | `0.0.25` | `0.0.30` | | [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.8.0` | `1.8.1` | Bumps the go-patch group with 2 updates in the /api directory: [github.com/go-logr/logr](https://github.com/go-logr/logr) and [github.com/onsi/gomega](https://github.com/onsi/gomega). Bumps the go-patch group with 3 updates in the /tfctl directory: [github.com/go-logr/logr](https://github.com/go-logr/logr), [github.com/onsi/gomega](https://github.com/onsi/gomega) and [github.com/spf13/cobra](https://github.com/spf13/cobra). Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.17 to 1.27.43 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@config/v1.27.17...config/v1.27.43) Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.17.17 to 1.17.41 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@credentials/v1.17.17...credentials/v1.17.41) Updates `github.com/aws/smithy-go` from 1.20.3 to 1.22.0 - [Release notes](https://github.com/aws/smithy-go/releases) - [Changelog](https://github.com/aws/smithy-go/blob/main/CHANGELOG.md) - [Commits](aws/smithy-go@v1.20.3...v1.22.0) Updates `github.com/cyphar/filepath-securejoin` from 0.3.1 to 0.3.4 - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md) - [Commits](cyphar/filepath-securejoin@v0.3.1...v0.3.4) Updates `github.com/elgohr/go-localstack` from 1.0.20 to 1.0.113 - [Commits](elgohr/go-localstack@v1.0.20...v1.0.113) Updates `github.com/jenkins-x/go-scm` from 1.14.11 to 1.14.43 - [Release notes](https://github.com/jenkins-x/go-scm/releases) - [Changelog](https://github.com/jenkins-x/go-scm/blob/main/CHANGELOG.md) - [Commits](jenkins-x/go-scm@v1.14.11...v1.14.43) Updates `github.com/kubescape/go-git-url` from 0.0.25 to 0.0.30 - [Release notes](https://github.com/kubescape/go-git-url/releases) - [Commits](kubescape/go-git-url@v0.0.25...v0.0.30) Updates `github.com/maxbrunsfeld/counterfeiter/v6` from 6.9.0 to 6.10.0 - [Release notes](https://github.com/maxbrunsfeld/counterfeiter/releases) - [Commits](maxbrunsfeld/counterfeiter@v6.9.0...v6.10.0) Updates `github.com/onsi/gomega` from 1.34.1 to 1.34.2 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.34.0...v1.34.2) Updates `github.com/spf13/cobra` from 1.8.0 to 1.8.1 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.8.0...v1.8.1) Updates `k8s.io/apimachinery` from 0.30.1 to 0.30.3 - [Commits](kubernetes/apimachinery@v0.30.1...v0.30.3) Updates `github.com/go-logr/logr` from 1.4.1 to 1.4.2 - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.4.1...v1.4.2) Updates `github.com/onsi/gomega` from 1.34.0 to 1.34.2 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.34.0...v1.34.2) Updates `golang.org/x/net` from 0.25.0 to 0.28.0 - [Commits](golang/net@v0.25.0...v0.28.0) Updates `github.com/go-logr/logr` from 1.4.1 to 1.4.2 - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.4.1...v1.4.2) Updates `github.com/onsi/gomega` from 1.34.0 to 1.34.2 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.34.0...v1.34.2) Updates `github.com/spf13/cobra` from 1.8.0 to 1.8.1 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.8.0...v1.8.1) Updates `golang.org/x/net` from 0.25.0 to 0.28.0 - [Commits](golang/net@v0.25.0...v0.28.0) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/aws/aws-sdk-go-v2/credentials dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/aws/smithy-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-patch - dependency-name: github.com/cyphar/filepath-securejoin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/elgohr/go-localstack dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/jenkins-x/go-scm dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/kubescape/go-git-url dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/maxbrunsfeld/counterfeiter/v6 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-patch - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/go-logr/logr dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: golang.org/x/net dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-patch - dependency-name: github.com/go-logr/logr dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: golang.org/x/net dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added area/ci Continuous Integration pipeline dependencies Dependency management for library and code labels Oct 14, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the go-patch group across 3 directories with 13 updates #1462

Bump the go-patch group across 3 directories with 13 updates #1462

dependabot bot commented on behalf of github Oct 14, 2024

Bump the go-patch group across 3 directories with 13 updates #1462

Are you sure you want to change the base?

Bump the go-patch group across 3 directories with 13 updates #1462

Conversation

dependabot bot commented on behalf of github Oct 14, 2024

Release (2024-10-03)

General Highlights

Module Highlights

Release (2024-09-25)

Module Highlights

Release (2024-09-19)

General Highlights

Module Highlights

Release (2024-08-14)

Module Highlights

Release (2024-06-27)

Module Highlights

Release (2024-03-29)

Release (2024-02-21)

Module Highlights

v0.3.4

v0.3.3

v0.3.2

[0.3.4] - 2024-10-09

Fixed

[0.3.3] - 2024-09-30

Fixed

[0.3.2] - 2024-09-13

Changed

Fixed

1.14.43

Changes in version 1.14.43

Chores

1.14.42

Changes in version 1.14.42

Bug Fixes

Chores

1.14.41

Changes in version 1.14.41

Chores

1.14.40

Changes in version 1.14.40

Chores

1.14.39

Changes in version 1.14.39

Chores

v1.34.2

1.34.2

Maintenance

v1.34.1

1.34.1

Maintenance

1.34.2

Maintenance

1.34.1

Maintenance

v1.8.1

✨ Features

🐛 Bug fixes

🔧 Maintenance

🧪 Testing & CI/CD

✏️ Documentation

v1.4.2

What's Changed

Dependencies:

v1.34.2

1.34.2

Maintenance

v1.34.1

1.34.1

Maintenance

1.34.2

Maintenance

1.34.1

Maintenance

v1.4.2

What's Changed

Dependencies:

v1.34.2

1.34.2