Bump the go-patch group across 3 directories with 13 updates #1483

dependabot · 2024-11-25T05:55:49Z

Bumps the go-patch group with 7 updates in the / directory:

Package	From	To
github.com/aws/aws-sdk-go-v2/credentials	`1.17.17`	`1.17.46`
github.com/cyphar/filepath-securejoin	`0.3.1`	`0.3.4`
github.com/elgohr/go-localstack	`1.0.20`	`1.0.116`
github.com/jenkins-x/go-scm	`1.14.11`	`1.14.44`
github.com/kubescape/go-git-url	`0.0.25`	`0.0.30`
github.com/spf13/cobra	`1.8.0`	`1.8.1`
google.golang.org/protobuf	`1.35.1`	`1.35.2`

Bumps the go-patch group with 1 update in the /api directory: github.com/go-logr/logr.
Bumps the go-patch group with 2 updates in the /tfctl directory: github.com/go-logr/logr and github.com/spf13/cobra.

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.17 to 1.17.46

Commits

d125de3 Release 2024-11-18
fec51f3 Regenerated Clients
fba5997 Update API model
0b8e5c8 Bump smithy-go dependency (#2902)
50ba45c Release 2024-11-15.2
444bdff Regenerated Clients
55ab381 Update endpoints model
94c0837 Update API model
2398a79 Remove elastictranscoder service's integration test (#2901)
93e0f29 Release 2024-11-15
Additional commits viewable in compare view

Updates github.com/aws/smithy-go from 1.20.3 to 1.22.1

Changelog

Sourced from github.com/aws/smithy-go's changelog.

Release (2024-11-15)

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/smithy-go: v1.22.1

Bug Fix: Fix failure to replace URI path segments when their names overlap.

Release (2024-10-03)

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/smithy-go: v1.22.0

Feature: Add HTTP client metrics.

Release (2024-09-25)

Module Highlights

github.com/aws/smithy-go/aws-http-auth: v1.0.0

Release: Initial release of module aws-http-auth, which implements generically consumable SigV4 and SigV4a request signing.

Release (2024-09-19)

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/smithy-go: v1.21.0

Feature: Add tracing and metrics APIs, and builtin instrumentation for both, in generated clients.

github.com/aws/smithy-go/metrics/smithyotelmetrics: v1.0.0

Release: Initial release of smithyotelmetrics module, which is used to adapt an OpenTelemetry SDK meter provider to be used with Smithy clients.

github.com/aws/smithy-go/tracing/smithyoteltracing: v1.0.0

Release: Initial release of smithyoteltracing module, which is used to adapt an OpenTelemetry SDK tracer provider to be used with Smithy clients.

Release (2024-08-14)

Module Highlights

github.com/aws/smithy-go: v1.20.4

Dependency Update: Bump minimum Go version to 1.21.

Release (2024-06-27)

Module Highlights

github.com/aws/smithy-go: v1.20.3

Bug Fix: Fix encoding/cbor test overflow on x86.

Release (2024-03-29)

... (truncated)

Commits

bed421c Release 2024-11-15
4d1e793 add changelog for fix pr
84c6c7e Fix: URI path element replace issue due to elements name overlap (#553)
253cd26 fixup jmespath multiselect codegen (#551)
a4c9efc Update Smithy version to 1.52.1 (#550)
48250f4 Update string shape from synthetic to base (#549)
e6338ca Allow all headers to be set to an empty value (#547)
e3a9df9 add annotation to package docs when the service shape is deprecated (#546)
90c085e fix: allow empty headers on prefix headers (#544)
a73f41b stabilize order of client plugin additions (#545)
Additional commits viewable in compare view

Updates github.com/cyphar/filepath-securejoin from 0.3.1 to 0.3.4

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.3.4

This release primarily includes a fix that blocked using filepath-securejoin in Kubernetes.

Previously, some testing mocks we had resulted in us doing import "testing" in non-_test.go code, which made some downstreams like Kubernetes unhappy. This has been fixed. (#32)

Thanks to all of the contributors who made this release possible:

Aleksa Sarai cyphar@cyphar.com

Stephen Kitt skitt@redhat.com

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

v0.3.3

This release primarily includes fixes for spurious errors we hit when checking that directories created by MkdirAll "look right". Upon further consideration, these checks were fundamentally buggy and didn't offer any practical protection anyway.

The mode and owner verification logic in MkdirAll has been removed. This was originally intended to protect against some theoretical attacks but upon further consideration these protections don't actually buy us anything and they were causing spurious errors with more complicated filesystem setups.

The "is the created directory empty" logic in MkdirAll has also been removed. This was not causing us issues yet, but some pseudofilesystems (such as cgroup) create non-empty directories and so this logic would've been wrong for such cases.

Thanks to all of the contributors who made this release possible:

Aleksa Sarai cyphar@cyphar.com

Kir Kolyshkin kolyshkin@gmail.com

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

v0.3.2

This release includes a few fixes for MkdirAll when dealing with S_ISUID and S_ISGID, to solve a regression runc hit when switching to MkdirAll.

Passing the S_ISUID or S_ISGID modes to MkdirAllInRoot will now return an explicit error saying that those bits are ignored by mkdirat(2). In the past a different error was returned, but since the silent ignoring behaviour is codified in the man pages a more explicit error seems apt. While silently ignoring these bits would be the most compatible option, it could lead to users thinking their code sets these bits when it doesn't. Programs that need to deal with compatibility can mask the bits themselves. (#23, #25)

... (truncated)

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.3.4] - 2024-10-09

Fixed

Previously, some testing mocks we had resulted in us doing import "testing" in non-_test.go code, which made some downstreams like Kubernetes unhappy. This has been fixed. (#32)

[0.3.3] - 2024-09-30

Fixed

The mode and owner verification logic in MkdirAll has been removed. This was originally intended to protect against some theoretical attacks but upon further consideration these protections don't actually buy us anything and they were causing spurious errors with more complicated filesystem setups.

The "is the created directory empty" logic in MkdirAll has also been removed. This was not causing us issues yet, but some pseudofilesystems (such as cgroup) create non-empty directories and so this logic would've been wrong for such cases.

[0.3.2] - 2024-09-13

Changed

Passing the S_ISUID or S_ISGID modes to MkdirAllInRoot will now return an explicit error saying that those bits are ignored by mkdirat(2). In the past a different error was returned, but since the silent ignoring behaviour is codified in the man pages a more explicit error seems apt. While silently ignoring these bits would be the most compatible option, it could lead to users thinking their code sets these bits when it doesn't. Programs that need to deal with compatibility can mask the bits themselves. (#23, #25)

Fixed

If a directory has S_ISGID set, then all child directories will have S_ISGID set when created and a different gid will be used for any inode created under the directory. Previously, the "expected owner and mode" validation in securejoin.MkdirAll did not correctly handle this. We now correctly handle this case. (#24, #25)

Commits

fd16ade VERSION: release v0.3.4
00e0710 godoc: update package documentation
0cd6be1 README: fix reference to open_tree kernel requirements
205046f README: add pkg.go.dev badge
ecb1b8e tests: procfs: clean up mock test hook
3ec6eed CHANGELOG: mention #32 fix
86e6182 merge #32 into cyphar/filepath-securejoin:main
6864912 Isolate the testing import in test code
4348fee openat: remove unused function
d0c7d67 merge #31 into cyphar/filepath-securejoin:main
Additional commits viewable in compare view

Updates github.com/elgohr/go-localstack from 1.0.20 to 1.0.116

Commits

5e9ff71 Merge pull request #985 from elgohr/dependabot/go_modules/github.com/Mastermi...
4cc99ad Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1
594e2dd Merge pull request #986 from elgohr/dependabot/go_modules/github.com/stretchr...
305f089 Bump github.com/stretchr/testify from 1.9.0 to 1.10.0
f897541 Merge pull request #984 from elgohr/dependabot/github_actions/codecov/codecov...
84d3f93 Bump codecov/codecov-action from 4 to 5
5966c11 Merge pull request #983 from elgohr/dependabot/go_modules/github.com/maxbruns...
28b89db Bump github.com/maxbrunsfeld/counterfeiter/v6 from 6.9.0 to 6.10.0
6d4967d Merge pull request #982 from elgohr/dependabot/go_modules/docker-c4b95dffb6
9d08f74 Bump the docker group with 2 updates
Additional commits viewable in compare view

Updates github.com/jenkins-x/go-scm from 1.14.11 to 1.14.44

Release notes

Sourced from github.com/jenkins-x/go-scm's releases.

1.14.44

Changes in version 1.14.44

Bug Fixes

make fmt (Mårten Svantesson)

linting fixes (Mårten Svantesson)

github now requires explicit make_latest=true on create (Mårten Svantesson)

Chores

release 1.14.44 (jenkins-x-bot)

add variables (jenkins-x-bot)

1.14.43

Changes in version 1.14.43

Chores

release 1.14.43 (jenkins-x-bot)

add variables (jenkins-x-bot)

deps: bump github.com/bluekeyes/go-gitdiff from 0.7.4 to 0.8.0 (dependabot[bot])

1.14.42

Changes in version 1.14.42

Bug Fixes

updating gitea demo url (Mårten Svantesson)

readable diffs (Mårten Svantesson)

pull request should be null for issues (Mårten Svantesson)

Chores

release 1.14.42 (jenkins-x-bot)

add variables (jenkins-x-bot)

1.14.41

Changes in version 1.14.41

Chores

release 1.14.41 (jenkins-x-bot)

add variables (jenkins-x-bot)

deps: bump github.com/bluekeyes/go-gitdiff from 0.7.3 to 0.7.4 (dependabot[bot])

1.14.40

Changes in version 1.14.40

Chores

... (truncated)

Commits

5d9d1c6 chore: release 1.14.44
e61330d chore: add variables
af08d2b Merge pull request #462 from jenkins-x/createlatest
d95cc43 fix: make fmt
183f19b fix: linting fixes
37f223c fix: github now requires explicit make_latest=true on create
4b6f912 Merge pull request #456 from jenkins-x/dependabot/go_modules/github.com/bluek...
6189096 chore(deps): bump github.com/bluekeyes/go-gitdiff from 0.7.4 to 0.8.0
357a1be Merge pull request #459 from jenkins-x/pullrequestnull
635708f fix: updating gitea demo url
Additional commits viewable in compare view

Updates github.com/kubescape/go-git-url from 0.0.25 to 0.0.30

Commits

d27eb58 Merge pull request #16 from kubescape/fix-gitlab
1ba58cb use detected host in gitlab api
afc1c54 Merge pull request #15 from kubescape/fix-gitlab
29a0174 also support self hosted gitlab in NewGitAPI
1d0b89d Merge pull request #14 from kubescape/fix-gitlab
ec5afaf add support for self-hosted gitlab
0a7f7ed Merge pull request #13 from kubescape/fix-gitlab
5dd5ab2 fix gitlab project ID generation
36432da Merge pull request #12 from hectorj2f/fix_git_urls_cve
e2ce7a0 replace whilp/git-urls module by chainguard-dev/git-urls
See full diff in compare view

Updates github.com/maxbrunsfeld/counterfeiter/v6 from 6.9.0 to 6.10.0

Release notes

Sourced from github.com/maxbrunsfeld/counterfeiter/v6's releases.

v6.10.0

What's Changed

Bump github.com/onsi/gomega from 1.34.1 to 1.34.2 by @dependabot in maxbrunsfeld/counterfeiter#296

Bump golang.org/x/text from 0.18.0 to 0.19.0 by @dependabot in maxbrunsfeld/counterfeiter#299

Bump golang.org/x/tools from 0.25.0 to 0.26.0 by @dependabot in maxbrunsfeld/counterfeiter#300

issue #298 - go 1.23 go/types alias change by @xanderflood in maxbrunsfeld/counterfeiter#301

New Contributors

@xanderflood made their first contribution in maxbrunsfeld/counterfeiter#301

Full Changelog: maxbrunsfeld/counterfeiter@v6.9.0...v6.10.0

Commits

241cc37 add integration test to validate type aliases are treated correctly
ac22042 issue #298 - go 1.23 go/types alias change
224623a Merge pull request #300 from maxbrunsfeld/dependabot/go_modules/golang.org/x/...
16e7f66 Bump golang.org/x/tools from 0.25.0 to 0.26.0
92721d4 Merge pull request #299 from maxbrunsfeld/dependabot/go_modules/golang.org/x/...
f5b33b8 Bump golang.org/x/text from 0.18.0 to 0.19.0
b15b881 Merge pull request #296 from maxbrunsfeld/dependabot/go_modules/github.com/on...
63d30a8 Bump github.com/onsi/gomega from 1.34.1 to 1.34.2
See full diff in compare view

Updates github.com/onsi/gomega from 1.34.1 to 1.34.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.2

1.34.2

Require Go 1.22+

Maintenance

bump ginkgo as well [c59c6dc]

bump to go 1.22 - remove x/exp dependency [8158b99]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.2

Require Go 1.22+

Maintenance

bump ginkgo as well [c59c6dc]

bump to go 1.22 - remove x/exp dependency [8158b99]

Commits

7cabed6 v1.34.2
c59c6dc bump ginkgo as well
8158b99 bump to go 1.22 - remove x/exp dependency
See full diff in compare view

Updates github.com/spf13/cobra from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.1

✨ Features

Add env variable to suppress completion descriptions on create by @scop in spf13/cobra#1938

🐛 Bug fixes

Micro-optimizations by @scop in spf13/cobra#1957

🔧 Maintenance

build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 by @dependabot in spf13/cobra#2127

Consistent annotation names by @nirs in spf13/cobra#2140

Remove fully inactivated linters by @nirs in spf13/cobra#2148

Address golangci-lint deprecation warnings, enable some more linters by @scop in spf13/cobra#2152

🧪 Testing & CI/CD

Add test for func in cobra.go by @korovindenis in spf13/cobra#2094

ci: test golang 1.22 by @cyrilico in spf13/cobra#2113

Optimized and added more linting by @scop in spf13/cobra#2099

build(deps): bump actions/setup-go from 4 to 5 by @dependabot in spf13/cobra#2087

build(deps): bump actions/labeler from 4 to 5 by @dependabot in spf13/cobra#2086

build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in spf13/cobra#2108

build(deps): bump actions/cache from 3 to 4 by @dependabot in spf13/cobra#2102

✏️ Documentation

Fixes and docs for usage as plugin by @nirs in spf13/cobra#2070

flags: clarify documentation that LocalFlags related function do not modify the state by @niamster in spf13/cobra#2064

chore: remove repetitive words by @racerole in spf13/cobra#2122

Add LXC to the list of projects using Cobra @VaradBelwalkar in spf13/cobra#2071

Update projects_using_cobra.md by @marcuskohlberg in spf13/cobra#2089

[chore]: update projects using cobra by @cmwylie19 in spf13/cobra#2093

Add Taikun CLI to list of projects by @Smidra in spf13/cobra#2098

Add Incus to the list of projects using Cobra by @montag451 in spf13/cobra#2118

... (truncated)

Commits

e94f6d0 Address golangci-lint deprecation warnings, enable some more linters (#2152)
8003b74 Remove fully inactivated linters (#2148)
5c2c1d6 Consistent annotation names (#2140)
5a1acea build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 (#2127)
0fc86c2 docs: update user guide (#2128)
6b5f577 More linting (#2099)
bd914e5 fix: remove deprecated io/ioutils package (#2120)
1f80fa2 chore: remove repetitive words (#2122)
c69ae4c ci: test golang 1.22 (#2113)
a30cee5 build(deps): bump actions/cache from 3 to 4 (#2102)
Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.9.0 to 1.10.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.10.0

What's Changed

Functional Changes

Add PanicAssertionFunc by @fahimbagar in stretchr/testify#1337

assert: deprecate CompareType by @dolmen in stretchr/testify#1566

assert: make YAML dependency pluggable via build tags by @dolmen in stretchr/testify#1579

assert: new assertion NotElementsMatch by @hendrywiranto in stretchr/testify#1600

mock: in order mock calls by @ReyOrtiz in stretchr/testify#1637

Add assertion for NotErrorAs by @palsivertsen in stretchr/testify#1129

Record Return Arguments of a Call by @jayd3e in stretchr/testify#1636

assert.EqualExportedValues: accepts everything by @redachl in stretchr/testify#1586

Fixes

assert: make tHelper a type alias by @dolmen in stretchr/testify#1562

Do not get argument again unnecessarily in Arguments.Error() by @TomWright in stretchr/testify#820

Fix time.Time compare by @myxo in stretchr/testify#1582

assert.Regexp: handle []byte array properly by @kevinburkesegment in stretchr/testify#1587

assert: collect.FailNow() should not panic by @marshall-lee in stretchr/testify#1481

mock: simplify implementation of FunctionalOptions by @dolmen in stretchr/testify#1571

mock: caller information for unexpected method call by @spirin in stretchr/testify#1644

suite: fix test failures by @stevenh in stretchr/testify#1421

Fix issue #1662 (comparing infs should fail) by @ybrustin in stretchr/testify#1663

NotSame should fail if args are not pointers #1661 by @sikehish in stretchr/testify#1664

Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in CI by @sikehish in stretchr/testify#1667

fix: compare functional option names for indirect calls by @arjun-1 in stretchr/testify#1626

Documantation, Build & CI

.gitignore: ignore "go test -c" binaries by @dolmen in stretchr/testify#1565

mock: improve doc by @dolmen in stretchr/testify#1570

mock: fix FunctionalOptions docs by @snirye in stretchr/testify#1433

README: link out to the excellent testifylint by @brackendawson in stretchr/testify#1568

assert: fix typo in comment by @JohnEndson in stretchr/testify#1580

Correct the EventuallyWithT and EventuallyWithTf example by @JonCrowther in stretchr/testify#1588

CI: bump softprops/action-gh-release from 1 to 2 by @dependabot in stretchr/testify#1575

mock: document more alternatives to deprecated AnythingOfTypeArgument by @dolmen in stretchr/testify#1569

assert: Correctly document EqualValues behavior by @brackendawson in stretchr/testify#1593

fix: grammar in godoc by @miparnisari in stretchr/testify#1607

.github/workflows: Run tests for Go 1.22 by @HaraldNordgren in stretchr/testify#1629

Document suite's lack of support for t.Parallel by @brackendawson in stretchr/testify#1645

assert: fix typos in comments by @alexandear in stretchr/testify#1650

mock: fix doc comment for NotBefore by @alexandear in stretchr/testify#1651

Generate better comments for require package by @Neokil in stretchr/testify#1610

README: replace Testify V2 notice with @dolmen's V2 manifesto by @hendrywiranto in stretchr/testify#1518

New Contributors

@fahimbagar made their first contribution in stretchr/testify#1337

@TomWright made their first contribution in stretchr/testify#820

@snirye made their first contribution in stretchr/testify#1433

@myxo made their first contribution in stretchr/testify#1582

@JohnEndson made their first contribution in stretchr/testify#1580

... (truncated)

Commits

89cbdd9 Merge pull request #1626 from arjun-1/fix-functional-options-diff-indirect-calls
07bac60 Merge pull request #1667 from sikehish/flaky
716de8d Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in CI
118fb83 NotSame should fail if args are not pointers #1661 (#1664)
7d99b2b attempt 2
05f87c0 more similar
ea7129e better fmt
a1b9c9e Merge pull request #1663 from ybrustin/master
8302de9 Merge branch 'master' into master
89352f7 Merge pull request #1518 from hendrywiranto/adjust-readme-remove-v2
Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.35.1 to 1.35.2

Updates k8s.io/apimachinery from 0.30.1 to 0.30.3

Commits

See full diff in compare view

Updates github.com/go-logr/logr from 1.4.1 to 1.4.2

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.2

What's Changed

Fix lint: named but unused params by @thockin in go-logr/logr#268

Add a Go report card, fix lint by @thockin in go-logr/logr#271

funcr: Handle nested empty groups properly by @thockin in go-logr/logr#274

Dependencies:

build(deps): bump github/codeql-action from 3.22.11 to 3.22.12 by @dependabot in go-logr/logr#254

build(deps): bump github/codeql-action from 3.22.12 to 3.23.0 by @dependabot in go-logr/logr#256

build(deps): bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in go-logr/logr#257

build(deps): bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in go-logr/logr#259

build(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in go-logr/logr#260

build(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in go-logr/logr#263

build(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in go-logr/logr#262

build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in go-logr/logr#264

build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in go-logr/logr#266

build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in go-logr/logr#267

build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @dependabot in go-logr/logr#270

build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in go-logr/logr#272

build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in go-logr/logr#275

build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in go-logr/logr#276

build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in go-logr/logr#277

build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by @dependabot in go-logr/logr#278

build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in go-logr/logr#279

build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in go-logr/logr#280

build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in go-logr/logr#281

build(deps): bump github/codeql-action from 3.24.10 to 3.25.1 by @dependabot in go-logr/logr#282

build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 by @dependabot in go-logr/logr#283

build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in go-logr/logr#284

build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in go-logr/logr#285

build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in go-logr/logr#286

build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in go-logr/logr#288

build(deps): bump golangci/golangci-lint-action from 5.0.0 to 5.3.0 by @dependabot in go-logr/logr#289

build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 by @dependabot in go-logr/logr#293

build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by @dependabot in go-logr/logr#292

build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in go-logr/logr#291

build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in go-logr/logr#290

build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by @dependabot in go-logr/logr#294

build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in go-logr/logr#295

Full Changelog: go-logr/logr@v1.4.1...v1.4.2

Commits

1205f42 Merge pull request #295 from go-logr/dependabot/github_actions/actions/checko...
ccedcbd Merge pull request #294 from go-logr/dependabot/github_actions/github/codeql-...
bead577 build(deps): bump actions/checkout from 4.1.5 to 4.1.6
a492d95 build(deps): bump github/codeql-action from 3.25.4 to 3.25.5
19ad07c build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
1c97a21 build(deps): bump actions/checkout from 4.1.4 to 4.1.5
f70c5b5 build(deps): bump github/codeql-action from 3.25.3 to 3.25.4
4ade8d3 build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1
88d98bd Merge pull request #289 from go-logr/dependabot/github_actions/golangci/golan...
432cd86 Merge pull request #288 from go-logr/dependabot/github_actions/actions/setup-...
Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.4.1 to 1.4.2

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.2

What's Changed

Fix lint: named but unused params by @thockin in go-logr/logr#268

Add a Go report card, fix lint by @thockin in go-logr/logr#271

funcr: Handle nested empty groups properly by @thockin in go-logr/logr#274

Dependencies:

build(deps): bump github/codeql-action from 3.22.11 to 3.22.12 by @dependabot in go-logr/logr#254

build(deps): bump github/codeql-action from 3.22.12 to 3.23.0 by @dependabot in go-logr/logr#256

build(deps): bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in go-logr/logr#257

build(deps): bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in go-logr/logr#259

build(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in go-logr/logr#260

build(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in go-logr/logr#263

build(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in go-logr/logr#262

build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in go-logr/logr#264

build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in go-logr/logr#266

build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in go-logr/logr#267

build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @dependabot in go-logr/logr#270

build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in go-logr/logr#272

build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in go-logr/logr#275

build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in go-logr/logr#276

build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in go-logr/logr#277

build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by @dependabot in go-logr/logr#278

build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by

Bumps the go-patch group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) | `1.17.17` | `1.17.46` | | [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) | `0.3.1` | `0.3.4` | | [github.com/elgohr/go-localstack](https://github.com/elgohr/go-localstack) | `1.0.20` | `1.0.116` | | [github.com/jenkins-x/go-scm](https://github.com/jenkins-x/go-scm) | `1.14.11` | `1.14.44` | | [github.com/kubescape/go-git-url](https://github.com/kubescape/go-git-url) | `0.0.25` | `0.0.30` | | [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.8.0` | `1.8.1` | | google.golang.org/protobuf | `1.35.1` | `1.35.2` | Bumps the go-patch group with 1 update in the /api directory: [github.com/go-logr/logr](https://github.com/go-logr/logr). Bumps the go-patch group with 2 updates in the /tfctl directory: [github.com/go-logr/logr](https://github.com/go-logr/logr) and [github.com/spf13/cobra](https://github.com/spf13/cobra). Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.17.17 to 1.17.46 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@credentials/v1.17.17...credentials/v1.17.46) Updates `github.com/aws/smithy-go` from 1.20.3 to 1.22.1 - [Release notes](https://github.com/aws/smithy-go/releases) - [Changelog](https://github.com/aws/smithy-go/blob/main/CHANGELOG.md) - [Commits](aws/smithy-go@v1.20.3...v1.22.1) Updates `github.com/cyphar/filepath-securejoin` from 0.3.1 to 0.3.4 - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md) - [Commits](cyphar/filepath-securejoin@v0.3.1...v0.3.4) Updates `github.com/elgohr/go-localstack` from 1.0.20 to 1.0.116 - [Commits](elgohr/go-localstack@v1.0.20...v1.0.116) Updates `github.com/jenkins-x/go-scm` from 1.14.11 to 1.14.44 - [Release notes](https://github.com/jenkins-x/go-scm/releases) - [Changelog](https://github.com/jenkins-x/go-scm/blob/main/CHANGELOG.md) - [Commits](jenkins-x/go-scm@v1.14.11...v1.14.44) Updates `github.com/kubescape/go-git-url` from 0.0.25 to 0.0.30 - [Release notes](https://github.com/kubescape/go-git-url/releases) - [Commits](kubescape/go-git-url@v0.0.25...v0.0.30) Updates `github.com/maxbrunsfeld/counterfeiter/v6` from 6.9.0 to 6.10.0 - [Release notes](https://github.com/maxbrunsfeld/counterfeiter/releases) - [Commits](maxbrunsfeld/counterfeiter@v6.9.0...v6.10.0) Updates `github.com/onsi/gomega` from 1.34.1 to 1.34.2 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.34.1...v1.34.2) Updates `github.com/spf13/cobra` from 1.8.0 to 1.8.1 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.8.0...v1.8.1) Updates `github.com/stretchr/testify` from 1.9.0 to 1.10.0 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.9.0...v1.10.0) Updates `google.golang.org/protobuf` from 1.35.1 to 1.35.2 Updates `k8s.io/apimachinery` from 0.30.1 to 0.30.3 - [Commits](kubernetes/apimachinery@v0.30.1...v0.30.3) Updates `github.com/go-logr/logr` from 1.4.1 to 1.4.2 - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.4.1...v1.4.2) Updates `github.com/go-logr/logr` from 1.4.1 to 1.4.2 - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.4.1...v1.4.2) Updates `github.com/spf13/cobra` from 1.8.0 to 1.8.1 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.8.0...v1.8.1) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/credentials dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/aws/smithy-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-patch - dependency-name: github.com/cyphar/filepath-securejoin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/elgohr/go-localstack dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/jenkins-x/go-scm dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/kubescape/go-git-url dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/maxbrunsfeld/counterfeiter/v6 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-patch - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-patch - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/go-logr/logr dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/go-logr/logr dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-patch - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2024-12-02T05:56:12Z

Looks like these dependencies are no longer updatable, so this is no longer needed.

dependabot bot added area/ci Continuous Integration pipeline dependencies Dependency management for library and code labels Nov 25, 2024

dependabot bot closed this Dec 2, 2024

dependabot bot deleted the dependabot/go_modules/go-patch-0592af07fd branch December 2, 2024 05:56

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the go-patch group across 3 directories with 13 updates #1483

Bump the go-patch group across 3 directories with 13 updates #1483

Uh oh!

dependabot bot commented on behalf of github Nov 25, 2024 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Dec 2, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump the go-patch group across 3 directories with 13 updates #1483

Bump the go-patch group across 3 directories with 13 updates #1483

Uh oh!

Conversation

dependabot bot commented on behalf of github Nov 25, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release (2024-11-15)

General Highlights

Module Highlights

Release (2024-10-03)

General Highlights

Module Highlights

Release (2024-09-25)

Module Highlights

Release (2024-09-19)

General Highlights

Module Highlights

Release (2024-08-14)

Module Highlights

Release (2024-06-27)

Module Highlights

Release (2024-03-29)

v0.3.4

v0.3.3

v0.3.2

[0.3.4] - 2024-10-09

Fixed

[0.3.3] - 2024-09-30

Fixed

[0.3.2] - 2024-09-13

Changed

Fixed

1.14.44

Changes in version 1.14.44

Bug Fixes

Chores

1.14.43

Changes in version 1.14.43

Chores

1.14.42

Changes in version 1.14.42

Bug Fixes

Chores

1.14.41

Changes in version 1.14.41

Chores

1.14.40

Changes in version 1.14.40

Chores

v6.10.0

What's Changed

New Contributors

v1.34.2

1.34.2

Maintenance

1.34.2

Maintenance

v1.8.1

✨ Features

🐛 Bug fixes

🔧 Maintenance

🧪 Testing & CI/CD

✏️ Documentation

v1.10.0

What's Changed

Functional Changes

Fixes

Documantation, Build & CI

New Contributors

v1.4.2

What's Changed

Dependencies:

v1.4.2

What's Changed

Dependencies:

Uh oh!

dependabot bot commented on behalf of github Dec 2, 2024

Uh oh!

Reviewers

Assignees

dependabot bot commented on behalf of github Nov 25, 2024 •

edited

Loading