chore(deps): bump the go group with 11 updates #127

dependabot · 2024-03-03T23:41:06Z

Bumps the go group with 11 updates:

Package	From	To
code.gitea.io/sdk/gitea	`0.15.1`	`0.17.1`
github.com/containers/image/v5	`5.23.0`	`5.29.2`
github.com/fluxcd/go-git-providers	`0.15.0`	`0.19.3`
github.com/fluxcd/pkg/apis/event	`0.5.2`	`0.7.0`
github.com/fluxcd/pkg/apis/meta	`1.1.2`	`1.3.0`
github.com/fluxcd/pkg/runtime	`0.35.0`	`0.44.1`
github.com/fluxcd/source-controller/api	`1.1.0`	`1.2.4`
github.com/go-logr/logr	`1.3.0`	`1.4.1`
github.com/open-component-model/ocm	`0.4.0`	`0.7.0`
github.com/stretchr/testify	`1.8.4`	`1.9.0`
golang.org/x/oauth2	`0.11.0`	`0.16.0`

Updates code.gitea.io/sdk/gitea from 0.15.1 to 0.17.1

Updates github.com/containers/image/v5 from 5.23.0 to 5.29.2

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.29.2

What's Changed

[release-5.29] backport Docker Daemon fix by @TomSweeneyRedHat in containers/image#2270

[release-5.29] Tag 5.29.1 by @mtrmac in containers/image#2253

Use a stable Skopeo branch for testing the stable c/image branch by @mtrmac in containers/image#2262

Full Changelog: containers/image@v5.29.1...v5.29.2

v5.29.1

Add support for pushing an image with unknown digest

v5.29.0

What's Changed

Bump to v5.28.0 by @rhatdan in containers/image#2114

fix(deps): update module github.com/containers/storage to v1.50.2 by @renovate in containers/image#2115

Run codespell on code by @rhatdan in containers/image#2116

fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5 by @renovate in containers/image#2117

Use constants and types from opencontainers/image-spec/specs-go/v1 by @mtrmac in containers/image#2119

progress: set Current before Refill by @giuseppe in containers/image#2121

copy: fix nil pointer dereference when checking compression algorithm by @crazy-max in containers/image#2120

fix(deps): update module github.com/klauspost/compress to v1.17.0 by @renovate in containers/image#2122

fix(deps): update module github.com/sylabs/sif/v2 to v2.14.0 by @renovate in containers/image#2124

ociarchive: Add new ArchiveFileNotFoundError by @cgwalters in containers/image#2123

fix: typo by @testwill in containers/image#2125

fix(deps): update module github.com/sylabs/sif/v2 to v2.14.1 by @renovate in containers/image#2126

fix(deps): update golang.org/x/exp digest to 7918f67 by @renovate in containers/image#2130

fix(deps): update module github.com/sylabs/sif/v2 to v2.15.0 by @renovate in containers/image#2137

fix(deps): update module golang.org/x/oauth2 to v0.13.0 by @renovate in containers/image#2136

Fix podman search for docker.io/library images by @boaz0 in containers/image#2133

fix(deps): update module github.com/docker/distribution to v2.8.3+incompatible by @renovate in containers/image#2131

fix(deps): update module github.com/sigstore/fulcio to v1.4.1 by @renovate in containers/image#2138

fix(deps): update module github.com/sigstore/fulcio to v1.4.2 by @renovate in containers/image#2140

Oci image deletion by @Pvlerick in containers/image#2003

fix(deps): update module github.com/sigstore/fulcio to v1.4.3 by @renovate in containers/image#2142

fix(deps): update module github.com/otiai10/copy to v1.14.0 by @renovate in containers/image#2144

fix(deps): update module github.com/vbauerster/mpb/v8 to v8.6.2 by @renovate in containers/image#2146

fix(deps): update module github.com/klauspost/compress to v1.17.1 by @renovate in containers/image#2148

fix(deps): update module github.com/sigstore/sigstore to v1.7.4 by @renovate in containers/image#2145

chore(deps): update dependency containers/automation_images to v20231004 by @renovate in containers/image#2150

Fix conversion of Zstd images to non-OCI formats by @mtrmac in containers/image#2151

Parse the body of (docker load) response to correctly handle errors by @mtrmac in containers/image#2153

Fix a comment by @mtrmac in containers/image#2152

fix(deps): update module github.com/klauspost/compress to v1.17.2 by @renovate in containers/image#2154

Don't use append() on slices with unclear origin by @mtrmac in containers/image#2155

Remove unused environment variables in Cirrus by @mtrmac in containers/image#2156

Fix and simplify storage tests by @mtrmac in containers/image#2147

Add image.UnparsedInstanceWithReference and storage.ResolveReference by @mtrmac in containers/image#2056

fix(deps): update module github.com/docker/docker to v24.0.7+incompatible [security] by @renovate in containers/image#2163

fix(deps): update module github.com/sigstore/sigstore to v1.7.5 by @renovate in containers/image#2159

... (truncated)

Commits

b799d82 [release-5.29] Bump to v5.29.2
6cbd4f4 [release-5.29] backport Docker Daemon fix #2260
2f0d9ae Merge pull request #2262 from mtrmac/5.29-skopeo-reverse
ef8a7a5 Use a stable Skopeo branch for testing the stable c/image branch
d8bbff8 Merge pull request #2253 from mtrmac/releasing-5.29.1
540136f Bump to v5.29.2-dev
f7fbc0a Release 5.29.1
1b5932f Merge pull request #2252 from mheon/backport_2209_529
47bac8f Add support for pushing image with unknown digest
041e291 Merge pull request #2251 from mtrmac/5.29-dest-branch
Additional commits viewable in compare view

Updates github.com/fluxcd/go-git-providers from 0.15.0 to 0.19.3

Release notes

Sourced from github.com/fluxcd/go-git-providers's releases.

v0.19.3

CHANGELOG

PR #261 Adapt workflows

PR #260 build(deps): bump the ci group with 2 updates

PR #259 Updating dependencies and fix go-git CVE

PR #257 changing Soule info

PR #256 github: fix defer in for loop

v0.19.2

CHANGELOG

PR #254 Updating dependencies

PR #253 build(deps): bump the ci group with 1 update

v0.19.1

CHANGELOG

PR #252 build(deps): bump golang.org/x/net from 0.16.0 to 0.17.0

v0.19.0

CHANGELOG

PR #250 Validate user ref when creating user repository

PR #249 updating go and dependencies versions

PR #248 build(deps): bump the ci group with 1 update

PR #247 build(deps): bump the ci group with 2 updates

PR #246 build(deps): bump the ci group with 1 update

PR #244 build(deps): bump github.com/cloudflare/circl from 1.1.0 to 1.3.3

PR #243 build(deps): bump the ci group with 1 update

PR #242 ci: Group dependabot updates

PR #241 build(deps): bump actions/checkout from 3.5.3 to 3.6.0

PR #240 build(deps): bump actions/setup-go from 4.0.1 to 4.1.0

PR #238 Pin GitLab version in e2e tests

PR #237 fix panic when gitea commit object contains nil pointers

v0.18.0

CHANGELOG

v0.17.0

CHANGELOG

PR #236 Declare Gitea client test e2e

PR #235 build(deps): bump actions/checkout from 3.5.2 to 3.5.3

PR #234 build(deps): bump github/codeql-action from 2.3.6 to 2.13.4

PR #233 build(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0

PR #232 Remove code coverage reporting from project

PR #231 pin test gitea instance to v1.19.3

PR #228 build(deps): bump github/codeql-action from 2.3.5 to 2.3.6

PR #226 Adding gitea provider

PR #225 Bump github/codeql-action from 2.3.3 to 2.3.5

v0.16.0

CHANGELOG

PR #215 Update dependencies and github workflows

... (truncated)

Commits

5231570 Merge pull request #261 from fluxcd/adapt-workflows
4d311a7 Updating deps
0bf0cbd Adapat CI workflows
6e50bf5 Merge pull request #256 from zchee/fix-for-loop-defer
5d24c20 github: Check an error to close io.ReadCloser as well
017242d github: fix defer in for loop
13ec9aa Merge pull request #260 from fluxcd/dependabot/github_actions/ci-070d6516ea
a0b2cff build(deps): bump the ci group with 2 updates
863d4f4 Merge pull request #259 from fluxcd/update-dependencies
1fef9e9 attempt to fix flaky test
Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/event from 0.5.2 to 0.7.0

Commits

f70757d Merge pull request #408 from fluxcd/fix-e2e
5723219 build: Fix e2e tests broken after #402
286ec55 Merge pull request #402 from pjbgf/git-repository
1337974 git: Move repository options to git/repository
6db7f53 git: Move pkg/gitutil into pkg/git
dccd499 git: Consolidate the use of ClientOption
4d71f21 git: Rename git.RepositoryClient to repository.Client
aec27af Merge pull request #407 from fluxcd/update-internal-pkgs
8429132 Update internal dependencies
7741c5f Merge pull request #403 from pjbgf/update-deps
Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/meta from 1.1.2 to 1.3.0

Commits

31388ce Merge pull request #727 from fluxcd/distribution-up
328eb42 Update OCI distribution to v3.0.0-alpha.1
7fabcd8 Merge pull request #684 from somtochiama/pull-static-file-oci
a330445 fix options
255f8fc test for static archive
f155227 refactor test
8687514 implement pull static artifact
4624208 Merge pull request #726 from fluxcd/deps-kube-v0.28.6
30da897 Update dependencies
63e3e9c Merge pull request #725 from fluxcd/dependabot/github_actions/ci-f38fbd1956
Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.35.0 to 0.44.1

Commits

2e7e8fe Merge pull request #730 from fluxcd/conditions-HasAnyReasons
1ae7daf runtime: Add HasAnyReason to conditions getter
db52a67 Merge pull request #729 from fluxcd/dependabot/github_actions/ci-727f6c18fd
ea2c064 build(deps): bump the ci group with 2 updates
See full diff in compare view

Updates github.com/fluxcd/source-controller/api from 1.1.0 to 1.2.4

Release notes

Sourced from github.com/fluxcd/source-controller/api's releases.

v1.2.4

Changelog

v1.2.4 changelog

Container images

docker.io/fluxcd/source-controller:v1.2.4

ghcr.io/fluxcd/source-controller:v1.2.4

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.3

Changelog

v1.2.3 changelog

Container images

docker.io/fluxcd/source-controller:v1.2.3

ghcr.io/fluxcd/source-controller:v1.2.3

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.2

Changelog

v1.2.2 changelog

Container images

docker.io/fluxcd/source-controller:v1.2.2

ghcr.io/fluxcd/source-controller:v1.2.2

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.1

Changelog

... (truncated)

Changelog

Sourced from github.com/fluxcd/source-controller/api's changelog.

1.2.4

Release date: 2024-02-01

This patch release updates the Kubernetes dependencies to v1.28.6 and various other dependencies to their latest version to patch upstream CVEs.

Improvements:

Various dependency updates #1362 #1357 #1353 #1347 #1343 #1340 #1338 #1336 #1334

1.2.3

Release date: 2023-12-14

This patch release updates the controller's Helm dependency to v3.13.3.

Improvements:

Update Helm to v3.13.3 #1325

helmrepo: Remove migration log/event #1324

1.2.2

Release date: 2023-12-11

This patch release addresses an issue with AWS ECR authentication introduced in v1.2.0.

In addition, a variety of dependencies have been updated. Including an update of the container base image to Alpine v3.19.

Fixes:

Address issue with authenticating towards AWS ECR #1318 #1321

Improvements:

Update dependencies #1314

... (truncated)

Commits

3f131a1 Merge pull request #1363 from fluxcd/release-v1.2.4
8fcdff7 Release v1.2.4
2a57324 Add changelog entry for v1.2.4
a724e00 Merge pull request #1362 from fluxcd/backport-1361-to-release/v1.2.x
6cf8879 build(deps): bump the go-deps group with 2 updates
fefee33 Merge pull request #1357 from fluxcd/backport-1355-to-release/v1.2.x
e3834d3 build(deps): bump the ci group with 3 updates
d6d8699 Merge pull request #1353 from fluxcd/backport-1352-to-release/v1.2.x
0efba9a Update API to Kubernetes v1.28.4
1a892fc build(deps): bump the go-deps group with 12 updates
Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.3.0 to 1.4.1

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.1

What's Changed

slogr: fix unintended API break in v1.4.0 by @pohly in go-logr/logr#253

Full Changelog: go-logr/logr@v1.4.0...v1.4.1

v1.4.0

This release dramatically improves interoperability with Go's log/slog package. In particular, logr.NewContext and logr.NewContextWithSlogLogger use the same context key, which allows logr.FromContext and logr.FromContextAsSlogLogger to return logr.Logger or *slog.Logger respectively, including transparently converting each to the other as needed.

Functions logr/slogr.NewLogr and logr/slogr.ToSlogHandler have been superceded by logr.FromSlogHandler and logr.ToSlogHandler respectively, and type logr/slogr.SlogSink has been superceded by logr.SlogSink. All of the old names in logr/slogr remain, for compatibility.

Package logr/funcr now supports logr.SlogSink, meaning that it's output passes all but one of the Slog conformance tests (that exception being that funcr handles the timestamp itself).

Users who have a logr.Logger and need a *slog.Logger can call slog.New(logr.ToSlogHandler(...)) and all output will go through the same stack.

Users who have a *slog.Logger or slog.Handler can call logr.FromSlogHandler(...) and all output will go through the same stack.

What's Changed

slog context support by @pohly in go-logr/logr#237

slog support: fix WithGroup + WithValues combination by @pohly in go-logr/logr#243

Add tests for context with slog by @thockin in go-logr/logr#246

sloghandler: unnamed groups should be inlined by @thockin in go-logr/logr#245

Add SlogSink support to funcr by @thockin in go-logr/logr#241

funcr: Add LogInfoLevel Option to skip logging level in the info log by @spacewander in go-logr/logr#240

New Contributors

@spacewander made their first contribution in go-logr/logr#240

Full Changelog: go-logr/logr@v1.3.0...v1.4.0

Commits

dcdc3f2 slogr: fix unintended API break in v0.8.0 (#253)
5d88f52 funcr: Add LogInfoLevel Option to skip logging level in the info log (#240)
177005d build(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0
e7f489a build(deps): bump github/codeql-action from 2.22.9 to 3.22.11
cf56c3b build(deps): bump actions/setup-go from 4 to 5
2ad296e build(deps): bump github/codeql-action from 2.22.8 to 2.22.9
d55b4e2 Merge pull request #241 from thockin/master
98ee9d9 Clean up slog testing and restore coverage
b228ba8 Break examples to new file
6432877 Add benchmarks for slogSink
Additional commits viewable in compare view

Updates github.com/open-component-model/ocm from 0.4.0 to 0.7.0

Release notes

Sourced from github.com/open-component-model/ocm's releases.

v0.7.0

Release v0.7.0

parse and validate some input parameters as filesystem-paths (#669)

Reference Hint Check fixed + alignment of configure function (#672)

Npm/config (#653)

fix cd copy + rsa-pss-signingserver (#670)

let's run only, where we have API key available (#667)

Bump the ci group with 2 updates (#663)

Bump github.com/lestrrat-go/jwx/v2 from 2.0.16 to 2.0.19 (#635)

make use of windows-driver-letter fix (#666)

fix field name for srcRefs (#651)

Check Command to check completeness of a component version graph (#644)

signing support for rsa-pss (#640)

default config handlers (#660)

add epic (#654)

Bump the ci group with 6 updates (#641)

Fix/npm publish (#650)

publish npm packages (#636)

switch to preferred new $defs (#536)

Make ocm flake.nix ready (#625)

Bump the ci group with 2 updates (#631)

Filter Option for Transferring OCI Index Artifacts (#620)

Bump github.com/cloudflare/circl from 1.3.5 to 1.3.7 (#622)

fix tour01 docu (#623)

add PR target (#624)

Extended Tour Documentation (#614)

v0.6.0

Release v0.6.0

Bump github.com/containerd/containerd from 1.7.6 to 1.7.11 (#606)

fix credential provider handling (#611)

fix ref detection for ca/ctf (#607)

Bump the ci group with 2 updates (#603)

Bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#605)

generate deep copy (#609)

change the default compressing behavior to false for file input type (#604)

remove duplicate code (#601)

Support for Delivered Public Key Certificates (#592)

v0.5.0

Release v0.5.0

add example (#600)

Bump the ci group with 3 updates (#598)

Bump the ci group with 1 update (#588)

Bump k8s.io/client-go from 0.28.3 to 0.28.4 (#590)

Rework implementation support for OCM storage backends (#569)

Skip Report generation on scheduled run + non PR runs (#593)

... (truncated)

Commits

a2b9f74 Release v0.7.0
4586fda ReleaseNotes for v0.7.0
cb203c0 parse and validate some input parameters as filesystem-paths (#669)
929d0ea Reference Hint Check fixed + alignment of configure function (#672)
137c796 Npm/config (#653)
b60bac1 fix cd copy + rsa-pss-signingserver (#670)
944ddec let's run only, where we have API key available (#667)
82b84e0 Bump the ci group with 2 updates (#663)
e73ce3a Bump github.com/lestrrat-go/jwx/v2 from 2.0.16 to 2.0.19 (#635)
2ddf3fe make use of windows-driver-letter fix (#666)
Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.8.4 to 1.9.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.9.0

What's Changed

Fix Go modules version by @SuperQ in stretchr/testify#1394

Document that require is not safe to call in created goroutines by @programmer04 in stretchr/testify#1392

Remove myself from MAINTAINERS.md by @mvdkleijn in stretchr/testify#1367

Correct spelling/grammar by @echarrod in stretchr/testify#1389

docs: Update URLs in README by @davidjb in stretchr/testify#1349

Update mockery link to Github Pages in README by @LandonTClipp in stretchr/testify#1346

docs: Fix typos in tests and comments by @alexandear in stretchr/testify#1410

CI: tests from go1.17 by @SuperQ in stretchr/testify#1409

Fix adding ? when no values passed by @lesichkovm in stretchr/testify#1320

codegen: use standard header for generated files by @dolmen in stretchr/testify#1406

mock: AssertExpectations log reason only on failure by @hikyaru-suzuki in stretchr/testify#1360

assert: fix flaky TestNeverTrue by @dolmen in stretchr/testify#1417

README: fix typos "set up" vs "setup" by @ossan-dev in stretchr/testify#1428

mock: move regexp compilation outside of Called by @aud10slave in stretchr/testify#631

assert: refactor internal func getLen() by @dolmen in stretchr/testify#1445

mock: deprecate type AnythingOfTypeArgument (#1434) by @dolmen in stretchr/testify#1441

Remove no longer needed assert.canConvert by @alexandear in stretchr/testify#1470

assert: ObjectsAreEqual: use time.Equal for time.Time types by @tscales in stretchr/testify#1464

Bump actions/checkout from 3 to 4 by @dependabot in stretchr/testify#1466

Bump actions/setup-go from 3.2.0 to 4.1.0 by @dependabot in stretchr/testify#1451

fix: make EventuallyWithT concurrency safe by @czeslavo in stretchr/testify#1395

assert: fix httpCode and HTTPBody occur panic when http.Handler read Body by @hidu in stretchr/testify#1484

assert.EqualExportedValues: fix handling of arrays by @zrbecker in stretchr/testify#1473

.github: use latest Go versions by @kevinburkesegment in stretchr/testify#1489

assert: Deprecate EqualExportedValues by @HaraldNordgren in stretchr/testify#1488

suite: refactor test assertions by @alexandear in stretchr/testify#1474

suite: fix SetupSubTest and TearDownSubTest execution order by @linusbarth in stretchr/testify#1471

docs: Fix deprecation comments for http package by @alexandear in stretchr/testify#1335

Add map support doc comments to Subset and NotSubset by @jedevc in stretchr/testify#1306

TestErrorIs/TestNotErrorIs: check error message contents by @craig65535 in stretchr/testify#1435

suite: fix subtest names (fix #1501) by @dolmen in stretchr/testify#1504

assert: improve unsafe.Pointer tests by @dolmen in stretchr/testify#1505

assert: simplify isNil implementation by @dolmen in stretchr/testify#1506

assert.InEpsilonSlice: fix expected/actual order and other improvements by @dolmen in stretchr/testify#1483

Fix dependency cycle with objx #1292 by @dolmen in stretchr/testify#1453

mock: refactor TestIsArgsEqual by @dolmen in stretchr/testify#1444

mock: optimize argument matching checks by @dolmen in stretchr/testify#1416

assert: fix TestEventuallyTimeout by @dolmen in stretchr/testify#1412

CI: add go 1.21 in GitHub Actions by @dolmen in stretchr/testify#1450

suite: fix recoverAndFailOnPanic to report test failure at the right location by @dolmen in stretchr/testify#1502

Update maintainers by @brackendawson in stretchr/testify#1533

assert: Fix EqualValues to handle overflow/underflow by @arjunmahishi in stretchr/testify#1531

assert: better formatting for Len() error by @kevinburkesegment in stretchr/testify#1485

Ensure AssertExpectations does not fail in skipped tests by @ianrose14 in stretchr/testify#1331

suite: fix deadlock in suite.Require()/Assert() by @arjunmahishi in stretchr/testify#1535

Revert "assert: ObjectsAreEqual: use time.Equal for time.Time type" by @brackendawson in stretchr/testify#1537

[chore] Add issue templates by @arjunmahishi in stretchr/testify#1538

Update the build status badge by @brackendawson in stretchr/testify#1540

... (truncated)

Commits

bb548d0 Merge pull request #1552 from stretchr/dependabot/go_modules/github.com/stret...
814075f build(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2
e045612 Merge pull request #1339 from bogdandrutu/uintptr
5b6926d Merge pull request #1385 from hslatman/not-implements
9f97d67 Merge pull request #1550 from stretchr/release-notes
bcb0d3f Include the auto-release notes in releases
fb770f8 Merge pull request #1247 from ccoVeille/typos
85d8bb6 fix typos in comments, tests and github templates
e2741fa Merge pull request #1548 from arjunmahishi/msgAndArgs
6e59f20 http_assertions: assert that the msgAndArgs actually works in tests
Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.11.0 to 0.16.0

Commits

39adbb7 go.mod: update golang.org/x dependencies
4ce7bbb google: add Credentials.GetUniverseDomain with GCE MDS support
1e6999b google: add UniverseDomain to CredentialsParams
6e9ec93 go.mod: update golang.org/x dependencies
e067960 go.mod: update golang.org/x dependencies
4c91c17 google: adds header to security considerations section
3c5dbf0 go.mod: update golang.org/x dependencies
11625cc google: add authorized_user conditional to Credentials.UniverseDomain
8d6d45b google: add Credentials.UniverseDomain to support TPC
43b6a7b google: adding support for external account authorized user
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go group with 11 updates: | Package | From | To | | --- | --- | --- | | code.gitea.io/sdk/gitea | `0.15.1` | `0.17.1` | | [github.com/containers/image/v5](https://github.com/containers/image) | `5.23.0` | `5.29.2` | | [github.com/fluxcd/go-git-providers](https://github.com/fluxcd/go-git-providers) | `0.15.0` | `0.19.3` | | [github.com/fluxcd/pkg/apis/event](https://github.com/fluxcd/pkg) | `0.5.2` | `0.7.0` | | [github.com/fluxcd/pkg/apis/meta](https://github.com/fluxcd/pkg) | `1.1.2` | `1.3.0` | | [github.com/fluxcd/pkg/runtime](https://github.com/fluxcd/pkg) | `0.35.0` | `0.44.1` | | [github.com/fluxcd/source-controller/api](https://github.com/fluxcd/source-controller) | `1.1.0` | `1.2.4` | | [github.com/go-logr/logr](https://github.com/go-logr/logr) | `1.3.0` | `1.4.1` | | [github.com/open-component-model/ocm](https://github.com/open-component-model/ocm) | `0.4.0` | `0.7.0` | | [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.8.4` | `1.9.0` | | [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.11.0` | `0.16.0` | Updates `code.gitea.io/sdk/gitea` from 0.15.1 to 0.17.1 Updates `github.com/containers/image/v5` from 5.23.0 to 5.29.2 - [Release notes](https://github.com/containers/image/releases) - [Commits](containers/image@v5.23.0...v5.29.2) Updates `github.com/fluxcd/go-git-providers` from 0.15.0 to 0.19.3 - [Release notes](https://github.com/fluxcd/go-git-providers/releases) - [Changelog](https://github.com/fluxcd/go-git-providers/blob/main/.goreleaser.yml) - [Commits](fluxcd/go-git-providers@v0.15.0...v0.19.3) Updates `github.com/fluxcd/pkg/apis/event` from 0.5.2 to 0.7.0 - [Commits](fluxcd/pkg@kustomize/v0.5.2...git/v0.7.0) Updates `github.com/fluxcd/pkg/apis/meta` from 1.1.2 to 1.3.0 - [Commits](fluxcd/pkg@apis/meta/v1.1.2...apis/meta/v1.3.0) Updates `github.com/fluxcd/pkg/runtime` from 0.35.0 to 0.44.1 - [Commits](fluxcd/pkg@oci/v0.35.0...runtime/v0.44.1) Updates `github.com/fluxcd/source-controller/api` from 1.1.0 to 1.2.4 - [Release notes](https://github.com/fluxcd/source-controller/releases) - [Changelog](https://github.com/fluxcd/source-controller/blob/main/CHANGELOG.md) - [Commits](fluxcd/source-controller@v1.1.0...v1.2.4) Updates `github.com/go-logr/logr` from 1.3.0 to 1.4.1 - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.3.0...v1.4.1) Updates `github.com/open-component-model/ocm` from 0.4.0 to 0.7.0 - [Release notes](https://github.com/open-component-model/ocm/releases) - [Changelog](https://github.com/open-component-model/ocm/blob/main/.goreleaser.yaml) - [Commits](open-component-model/ocm@v0.4.0...v0.7.0) Updates `github.com/stretchr/testify` from 1.8.4 to 1.9.0 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) Updates `golang.org/x/oauth2` from 0.11.0 to 0.16.0 - [Commits](golang/oauth2@v0.11.0...v0.16.0) --- updated-dependencies: - dependency-name: code.gitea.io/sdk/gitea dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/fluxcd/go-git-providers dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/fluxcd/pkg/apis/event dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/fluxcd/pkg/apis/meta dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/fluxcd/pkg/runtime dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/fluxcd/source-controller/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/go-logr/logr dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/open-component-model/ocm dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go ... Signed-off-by: dependabot[bot] <[email protected]>

github-actions · 2024-03-03T23:42:21Z

Mend Scan Summary: ❌

Repository: open-component-model/git-controller

VIOLATION DESCRIPTION	NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES	0
MAJOR UPDATES AVAILABLE	0
LICENSE REQUIRES REVIEW	0
LICENSE RISK HIGH	5
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY	0

Detailed Logs: mend-scan-> Generate Report
Mend UI

dependabot · 2024-03-10T23:33:53Z

Superseded by #131.

dependabot bot added kind/dependency dependency update, etc. go labels Mar 3, 2024

dependabot bot closed this Mar 10, 2024

dependabot bot deleted the dependabot/go_modules/go-ca11abdd41 branch March 10, 2024 23:33

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the go group with 11 updates #127

chore(deps): bump the go group with 11 updates #127

dependabot bot commented on behalf of github Mar 3, 2024 •

edited

Loading

github-actions bot commented Mar 3, 2024

dependabot bot commented on behalf of github Mar 10, 2024

chore(deps): bump the go group with 11 updates #127

chore(deps): bump the go group with 11 updates #127

Conversation

dependabot bot commented on behalf of github Mar 3, 2024 • edited Loading

v5.29.2

What's Changed

v5.29.1

v5.29.0

What's Changed

v0.19.3

v0.19.2

v0.19.1

v0.19.0

v0.18.0

v0.17.0

v0.16.0

v1.2.4

Changelog

Container images

v1.2.3

Changelog

Container images

v1.2.2

Changelog

Container images

v1.2.1

Changelog

1.2.4

1.2.3

1.2.2

v1.4.1

What's Changed

v1.4.0

What's Changed

New Contributors

v0.7.0

v0.6.0

v0.5.0

v1.9.0

What's Changed

github-actions bot commented Mar 3, 2024

Mend Scan Summary: ❌

Repository: open-component-model/git-controller

dependabot bot commented on behalf of github Mar 10, 2024

dependabot bot commented on behalf of github Mar 3, 2024 •

edited

Loading