build(deps): bump the go-deps group with 13 updates#2101
Open
dependabot[bot] wants to merge 1 commit into
Open
build(deps): bump the go-deps group with 13 updates#2101dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the go-deps group with 13 updates: | Package | From | To | | --- | --- | --- | | [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) | `0.6.1` | `0.7.0` | | [github.com/fluxcd/cli-utils](https://github.com/fluxcd/cli-utils) | `1.2.1` | `1.2.2` | | [github.com/fluxcd/pkg/apis/event](https://github.com/fluxcd/pkg) | `0.27.0` | `0.28.0` | | [github.com/fluxcd/pkg/apis/meta](https://github.com/fluxcd/pkg) | `1.30.0` | `1.31.0` | | [github.com/fluxcd/pkg/artifact](https://github.com/fluxcd/pkg) | `0.18.0` | `0.19.0` | | [github.com/fluxcd/pkg/auth](https://github.com/fluxcd/pkg) | `0.54.0` | `0.55.0` | | [github.com/fluxcd/pkg/helmtestserver](https://github.com/fluxcd/pkg) | `0.40.0` | `0.41.0` | | [github.com/fluxcd/pkg/runtime](https://github.com/fluxcd/pkg) | `0.110.0` | `0.111.0` | | [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) | `7.2.0` | `7.2.1` | | [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.41.0` | `1.42.1` | | [github.com/sigstore/cosign/v3](https://github.com/sigstore/cosign) | `3.0.6` | `3.1.1` | | [github.com/sigstore/sigstore-go](https://github.com/sigstore/sigstore-go) | `1.2.0` | `1.2.1` | | [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.283.0` | `0.287.0` | Updates `github.com/cyphar/filepath-securejoin` from 0.6.1 to 0.7.0 - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md) - [Commits](cyphar/filepath-securejoin@v0.6.1...v0.7.0) Updates `github.com/fluxcd/cli-utils` from 1.2.1 to 1.2.2 - [Release notes](https://github.com/fluxcd/cli-utils/releases) - [Commits](fluxcd/cli-utils@v1.2.1...v1.2.2) Updates `github.com/fluxcd/pkg/apis/event` from 0.27.0 to 0.28.0 - [Commits](fluxcd/pkg@git/v0.27.0...git/v0.28.0) Updates `github.com/fluxcd/pkg/apis/meta` from 1.30.0 to 1.31.0 - [Commits](fluxcd/pkg@apis/meta/v1.30.0...apis/meta/v1.31.0) Updates `github.com/fluxcd/pkg/artifact` from 0.18.0 to 0.19.0 - [Commits](fluxcd/pkg@git/v0.18.0...git/v0.19.0) Updates `github.com/fluxcd/pkg/auth` from 0.54.0 to 0.55.0 - [Commits](fluxcd/pkg@oci/v0.54.0...oci/v0.55.0) Updates `github.com/fluxcd/pkg/helmtestserver` from 0.40.0 to 0.41.0 - [Commits](fluxcd/pkg@git/v0.40.0...git/v0.41.0) Updates `github.com/fluxcd/pkg/runtime` from 0.110.0 to 0.111.0 - [Commits](fluxcd/pkg@runtime/v0.110.0...runtime/v0.111.0) Updates `github.com/minio/minio-go/v7` from 7.2.0 to 7.2.1 - [Release notes](https://github.com/minio/minio-go/releases) - [Commits](minio/minio-go@v7.2.0...v7.2.1) Updates `github.com/onsi/gomega` from 1.41.0 to 1.42.1 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.41.0...v1.42.1) Updates `github.com/sigstore/cosign/v3` from 3.0.6 to 3.1.1 - [Release notes](https://github.com/sigstore/cosign/releases) - [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md) - [Commits](sigstore/cosign@v3.0.6...v3.1.1) Updates `github.com/sigstore/sigstore-go` from 1.2.0 to 1.2.1 - [Release notes](https://github.com/sigstore/sigstore-go/releases) - [Commits](sigstore/sigstore-go@v1.2.0...v1.2.1) Updates `google.golang.org/api` from 0.283.0 to 0.287.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.283.0...v0.287.0) --- updated-dependencies: - dependency-name: github.com/cyphar/filepath-securejoin dependency-version: 0.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/fluxcd/cli-utils dependency-version: 1.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-deps - dependency-name: github.com/fluxcd/pkg/apis/event dependency-version: 0.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/fluxcd/pkg/apis/meta dependency-version: 1.31.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/fluxcd/pkg/artifact dependency-version: 0.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/fluxcd/pkg/auth dependency-version: 0.55.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/fluxcd/pkg/helmtestserver dependency-version: 0.41.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/fluxcd/pkg/runtime dependency-version: 0.111.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/minio/minio-go/v7 dependency-version: 7.2.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-deps - dependency-name: github.com/onsi/gomega dependency-version: 1.42.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/sigstore/cosign/v3 dependency-version: 3.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/sigstore/sigstore-go dependency-version: 1.2.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-deps - dependency-name: google.golang.org/api dependency-version: 0.287.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the go-deps group with 13 updates:
0.6.10.7.01.2.11.2.20.27.00.28.01.30.01.31.00.18.00.19.00.54.00.55.00.40.00.41.00.110.00.111.07.2.07.2.11.41.01.42.13.0.63.1.11.2.01.2.10.283.00.287.0Updates
github.com/cyphar/filepath-securejoinfrom 0.6.1 to 0.7.0Changelog
Sourced from github.com/cyphar/filepath-securejoin's changelog.
Commits
8096a95VERSION: release v0.7.01324ccbmerge #101 into cyphar/filepath-securejoin:maindd8f0bbdeps: bump to cyphar.com/go-pathrs@v0.2.5c9a7725gha: bump golangci-lint to v2.122e968bdMerge pull request #91 from cyphar/dependabot/github_actions/actions/download...2879148Merge pull request #90 from cyphar/dependabot/github_actions/actions/upload-a...07b805bbuild(deps): bump actions/download-artifact from 6 to 78507844build(deps): bump actions/upload-artifact from 5 to 6daef0cfMerge pull request #89 from cyphar/dependabot/github_actions/actions/checkout-695f8ea4build(deps): bump actions/checkout from 5 to 6Updates
github.com/fluxcd/cli-utilsfrom 1.2.1 to 1.2.2Release notes
Sourced from github.com/fluxcd/cli-utils's releases.
Commits
5620149Merge pull request #37 from fluxcd/upgrade-k8s-36.21e5951fUpgrade kubernetes to 1.36.294614cdMerge pull request #36 from fluxcd/upgrade-depse7fc06fUpgrade golang.org/x/net to v0.55.0Updates
github.com/fluxcd/pkg/apis/eventfrom 0.27.0 to 0.28.0Commits
00782edMerge pull request #917 from fluxcd/test-auth-providers3976c50[RFC-0010] Add tests for auth providers182841aMerge pull request #916 from fluxcd/cache-op-label1e41450Introduce operation label for cache event metricaa3cde9Merge pull request #909 from fluxcd/auth-azure9e0e8bc[RFC-0010] Add azure auth library7eae091Merge pull request #908 from fluxcd/auth-gcp9f68942Merge pull request #907 from fluxcd/auth-awsbb7cb58Merge pull request #906 from fluxcd/auth-core45fbfee[RFC-0010] Add gcp auth libraryUpdates
github.com/fluxcd/pkg/apis/metafrom 1.30.0 to 1.31.0Commits
b98e2b0Merge pull request #1251 from fluxcd/release-main2dfcb7cPrepare for releasedd6b016Merge pull request #1253 from fluxcd/upgrade-k8s-36.22d00796Upgrade kubernetes to 1.36.2827f6c3Merge pull request #1249 from fluxcd/upgrade-go-git-providersbe6d462Upgrade go-git-providers and go-github023a357Merge pull request #1248 from fluxcd/label-2.97e8856dAdd backport label for Flux 2.9ae10469Merge pull request #1246 from fluxcd/ks-always-subst2cd36cbkustomize: add tests for empty vars with strict sub and omitted withoutUpdates
github.com/fluxcd/pkg/artifactfrom 0.18.0 to 0.19.0Commits
e32ccc2Merge pull request #763 from fluxcd/kubernetes-1.302b974afUpdate sigs.k8s.io/controller-tools to v0.15.052c1fc5Update sigs.k8s.io/controller-runtime to v0.18.0c906252Update dependencies to Kubernetes 1.3092c1348Merge pull request #764 from fluxcd/dependabot/github_actions/ci-e44cfae560ccb916abuild(deps): bump the ci group with 3 updates6081556Merge pull request #761 from fluxcd/kustomize-name-prefix-suffixabf5675kustomize: Add support fornamePrefixandnameSuffix98d2522Merge pull request #760 from fluxcd/dependabot/github_actions/ci-8f082d4f6defcd824build(deps): bump docker/setup-buildx-action in the ci groupUpdates
github.com/fluxcd/pkg/authfrom 0.54.0 to 0.55.0Commits
6ce1a83Merge pull request #1019 from fluxcd/update-otel828f74fPrepare releasee7a2b15Update otel to v1.38.0d2f54ddMerge pull request #1018 from fluxcd/meta-artifact9adb480apis: AddArtifacttype tometapackage7201e2cMerge pull request #1017 from fluxcd/kustomize-ignore-components929f4b4kustomize: AddignoreMissingComponentsoptiona5e02ceMerge pull request #1013 from fluxcd/meta-history71c0a08Prepare release4aaf176meta: AddHistoryAPI for tracking reconcile runs in statusUpdates
github.com/fluxcd/pkg/helmtestserverfrom 0.40.0 to 0.41.0Commits
cde06a5Merge pull request #1079 from fluxcd/kube-v0.35.021a1946auth: Fix Azure auth test for China and US Gov clouds125d607Prepare for release4f26e76Update dependencies to Kubernetes v0.35.098667f8Merge pull request #1069 from fluxcd/helm-4.12aea89fUpgrade Helm to v4.1.04895944Merge pull request #1077 from fluxcd/ssa-custom-stage8a98478ssa: introduce custom apply stageUpdates
github.com/fluxcd/pkg/runtimefrom 0.110.0 to 0.111.0Commits
b98e2b0Merge pull request #1251 from fluxcd/release-main2dfcb7cPrepare for releasedd6b016Merge pull request #1253 from fluxcd/upgrade-k8s-36.22d00796Upgrade kubernetes to 1.36.2827f6c3Merge pull request #1249 from fluxcd/upgrade-go-git-providersbe6d462Upgrade go-git-providers and go-github023a357Merge pull request #1248 from fluxcd/label-2.97e8856dAdd backport label for Flux 2.9ae10469Merge pull request #1246 from fluxcd/ks-always-subst2cd36cbkustomize: add tests for empty vars with strict sub and omitted withoutUpdates
github.com/minio/minio-go/v7from 7.2.0 to 7.2.1Commits
7e34713feat: support in mc inventory for custom run schedule (#2244)016d0fdfeat: stream GetObjectAnnotation payload via io.ReadCloser (#2243)6c51637feat: stream PutObjectAnnotation payload via io.ReadSeeker (#2242)07c682afeat: add object annotation client APIs (#2241)53b504afix: caching defer bug (#2237)291e83fadd new aws region ap-southeast-6 (#2234)Updates
github.com/onsi/gomegafrom 1.41.0 to 1.42.1Release notes
Sourced from github.com/onsi/gomega's releases.
Changelog
Sourced from github.com/onsi/gomega's changelog.
Commits
ced6c1cv1.42.12beb9fbv1.42.1 (full)006cd2cbump al lthe things35ca084v1.42.0d72697bv1.42.0 (full)1f95d86add a set of claude skills as a marketplace pluginUpdates
github.com/sigstore/cosign/v3from 3.0.6 to 3.1.1Release notes
Sourced from github.com/sigstore/cosign/v3's releases.
Commits
7914231Fix build for Go version 1.26.3 (#4933)d8e992achore(deps): bump golang.org/x/crypto from 0.52.0 to 0.53.0 (#4929)305817bchore(deps): bump google.golang.org/api from 0.280.0 to 0.283.0 (#4925)09564f9chore(deps): bump github.com/theupdateframework/go-tuf/v2 (#4926)702cbe0chore(deps): bump golang in the all group across 1 directoryf3885a6chore(deps): bump github.com/go-openapi/swag/conv in the gomod group76a5eecchore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.6.0 to 2.7.0df2a334chore(deps): bump golang.org/x/term from 0.43.0 to 0.44.02620da6chore(deps): bump github.com/open-policy-agent/opa from 1.16.2 to 1.17.1282ff33chore(deps): bump the actions group across 1 directory with 4 updatesUpdates
github.com/sigstore/sigstore-gofrom 1.2.0 to 1.2.1Release notes
Sourced from github.com/sigstore/sigstore-go's releases.
Commits
4594ab4Check signature time against public key validity window (#642)3ad400cBump actions/checkout from 6.0.2 to 6.0.3 (#639)Updates
google.golang.org/apifrom 0.283.0 to 0.287.0Release notes
Sourced from google.golang.org/api's releases.
Changelog
Sourced from google.golang.org/api's changelog.
Commits
1a444d6chore(main): release 0.287.0 (#3636)9737c4bfeat(all): auto-regenerate discovery clients (#3639)f0d27e8chore(all): update all (#3638)5c975befeat(all): auto-regenerate discovery clients (#3637)504873efeat(all): auto-regenerate discovery clients (#3635)8f8eab4chore(all): update all to 87f3d3e (#3633)94e4ed9chore(main): release 0.286.0 (#3630)36081a0feat(all): auto-regenerate discovery clients (#3634)7332dd7feat(all): auto-regenerate discovery clients (#3632)b3bb97ffeat(all): auto-regenerate discovery clients (#3631)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions