chore(deps): bump the go group with 5 updates #124

dependabot · 2024-03-10T16:49:14Z

Bumps the go group with 5 updates:

Package	From	To
github.com/fluxcd/pkg/apis/meta	`1.1.2`	`1.3.0`
github.com/fluxcd/pkg/runtime	`0.42.0`	`0.44.1`
github.com/go-logr/logr	`1.3.0`	`1.4.1`
github.com/open-component-model/ocm	`0.4.0`	`0.8.0`
github.com/stretchr/testify	`1.8.4`	`1.9.0`

Updates github.com/fluxcd/pkg/apis/meta from 1.1.2 to 1.3.0

Commits

31388ce Merge pull request #727 from fluxcd/distribution-up
328eb42 Update OCI distribution to v3.0.0-alpha.1
7fabcd8 Merge pull request #684 from somtochiama/pull-static-file-oci
a330445 fix options
255f8fc test for static archive
f155227 refactor test
8687514 implement pull static artifact
4624208 Merge pull request #726 from fluxcd/deps-kube-v0.28.6
30da897 Update dependencies
63e3e9c Merge pull request #725 from fluxcd/dependabot/github_actions/ci-f38fbd1956
Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.42.0 to 0.44.1

Commits

2e7e8fe Merge pull request #730 from fluxcd/conditions-HasAnyReasons
1ae7daf runtime: Add HasAnyReason to conditions getter
db52a67 Merge pull request #729 from fluxcd/dependabot/github_actions/ci-727f6c18fd
ea2c064 build(deps): bump the ci group with 2 updates
e5ca530 Merge pull request #728 from fluxcd/internal-deps
ac45fb6 Update internal dependencies
31388ce Merge pull request #727 from fluxcd/distribution-up
328eb42 Update OCI distribution to v3.0.0-alpha.1
7fabcd8 Merge pull request #684 from somtochiama/pull-static-file-oci
a330445 fix options
Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.3.0 to 1.4.1

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.1

What's Changed

slogr: fix unintended API break in v1.4.0 by @pohly in go-logr/logr#253

Full Changelog: go-logr/logr@v1.4.0...v1.4.1

v1.4.0

This release dramatically improves interoperability with Go's log/slog package. In particular, logr.NewContext and logr.NewContextWithSlogLogger use the same context key, which allows logr.FromContext and logr.FromContextAsSlogLogger to return logr.Logger or *slog.Logger respectively, including transparently converting each to the other as needed.

Functions logr/slogr.NewLogr and logr/slogr.ToSlogHandler have been superceded by logr.FromSlogHandler and logr.ToSlogHandler respectively, and type logr/slogr.SlogSink has been superceded by logr.SlogSink. All of the old names in logr/slogr remain, for compatibility.

Package logr/funcr now supports logr.SlogSink, meaning that it's output passes all but one of the Slog conformance tests (that exception being that funcr handles the timestamp itself).

Users who have a logr.Logger and need a *slog.Logger can call slog.New(logr.ToSlogHandler(...)) and all output will go through the same stack.

Users who have a *slog.Logger or slog.Handler can call logr.FromSlogHandler(...) and all output will go through the same stack.

What's Changed

slog context support by @pohly in go-logr/logr#237

slog support: fix WithGroup + WithValues combination by @pohly in go-logr/logr#243

Add tests for context with slog by @thockin in go-logr/logr#246

sloghandler: unnamed groups should be inlined by @thockin in go-logr/logr#245

Add SlogSink support to funcr by @thockin in go-logr/logr#241

funcr: Add LogInfoLevel Option to skip logging level in the info log by @spacewander in go-logr/logr#240

New Contributors

@spacewander made their first contribution in go-logr/logr#240

Full Changelog: go-logr/logr@v1.3.0...v1.4.0

Commits

dcdc3f2 slogr: fix unintended API break in v0.8.0 (#253)
5d88f52 funcr: Add LogInfoLevel Option to skip logging level in the info log (#240)
177005d build(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0
e7f489a build(deps): bump github/codeql-action from 2.22.9 to 3.22.11
cf56c3b build(deps): bump actions/setup-go from 4 to 5
2ad296e build(deps): bump github/codeql-action from 2.22.8 to 2.22.9
d55b4e2 Merge pull request #241 from thockin/master
98ee9d9 Clean up slog testing and restore coverage
b228ba8 Break examples to new file
6432877 Add benchmarks for slogSink
Additional commits viewable in compare view

Updates github.com/open-component-model/ocm from 0.4.0 to 0.8.0

Release notes

Sourced from github.com/open-component-model/ocm's releases.

v0.8.0

Release v0.8.0

use app token in release (#692)

Bump the ci group with 1 update (#686)

Bump the go_modules group group with 2 updates (#689)

Bump helm.sh/helm/v3 from 3.12.2 to 3.14.1 (#659)

MIT LICENSE for npm publish gist (#684)

cli: verify digests (#681)

fix transfer OCI index (#683)

Bump the ci group with 1 update (#678)

remove second trigger and just keep pull_request_target (#682)

Bump the go group with 35 updates (#679)

component version check as lib function (#675)

Wget access method (#630)

v0.7.0

Release v0.7.0

parse and validate some input parameters as filesystem-paths (#669)

Reference Hint Check fixed + alignment of configure function (#672)

Npm/config (#653)

fix cd copy + rsa-pss-signingserver (#670)

let's run only, where we have API key available (#667)

Bump the ci group with 2 updates (#663)

Bump github.com/lestrrat-go/jwx/v2 from 2.0.16 to 2.0.19 (#635)

make use of windows-driver-letter fix (#666)

fix field name for srcRefs (#651)

Check Command to check completeness of a component version graph (#644)

signing support for rsa-pss (#640)

default config handlers (#660)

add epic (#654)

Bump the ci group with 6 updates (#641)

Fix/npm publish (#650)

publish npm packages (#636)

switch to preferred new $defs (#536)

Make ocm flake.nix ready (#625)

Bump the ci group with 2 updates (#631)

Filter Option for Transferring OCI Index Artifacts (#620)

Bump github.com/cloudflare/circl from 1.3.5 to 1.3.7 (#622)

fix tour01 docu (#623)

add PR target (#624)

Extended Tour Documentation (#614)

v0.6.0

Release v0.6.0

Bump github.com/containerd/containerd from 1.7.6 to 1.7.11 (#606)

fix credential provider handling (#611)

fix ref detection for ca/ctf (#607)

... (truncated)

Commits

21dacd0 Release v0.8.0
036adb6 ReleaseNotes for v0.8.0
6a87dac use app token in release (#692)
1a3efd0 Bump the ci group with 1 update (#686)
97498a6 Bump the go_modules group group with 2 updates (#689)
bfff740 Update dependabot.yml
715e348 Bump helm.sh/helm/v3 from 3.12.2 to 3.14.1 (#659)
c7696dd MIT LICENSE for npm publish gist (#684)
5b2f655 cli: verify digests (#681)
e4d14a1 fix transfer OCI index (#683)
Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.8.4 to 1.9.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.9.0

What's Changed

Fix Go modules version by @SuperQ in stretchr/testify#1394

Document that require is not safe to call in created goroutines by @programmer04 in stretchr/testify#1392

Remove myself from MAINTAINERS.md by @mvdkleijn in stretchr/testify#1367

Correct spelling/grammar by @echarrod in stretchr/testify#1389

docs: Update URLs in README by @davidjb in stretchr/testify#1349

Update mockery link to Github Pages in README by @LandonTClipp in stretchr/testify#1346

docs: Fix typos in tests and comments by @alexandear in stretchr/testify#1410

CI: tests from go1.17 by @SuperQ in stretchr/testify#1409

Fix adding ? when no values passed by @lesichkovm in stretchr/testify#1320

codegen: use standard header for generated files by @dolmen in stretchr/testify#1406

mock: AssertExpectations log reason only on failure by @hikyaru-suzuki in stretchr/testify#1360

assert: fix flaky TestNeverTrue by @dolmen in stretchr/testify#1417

README: fix typos "set up" vs "setup" by @ossan-dev in stretchr/testify#1428

mock: move regexp compilation outside of Called by @aud10slave in stretchr/testify#631

assert: refactor internal func getLen() by @dolmen in stretchr/testify#1445

mock: deprecate type AnythingOfTypeArgument (#1434) by @dolmen in stretchr/testify#1441

Remove no longer needed assert.canConvert by @alexandear in stretchr/testify#1470

assert: ObjectsAreEqual: use time.Equal for time.Time types by @tscales in stretchr/testify#1464

Bump actions/checkout from 3 to 4 by @dependabot in stretchr/testify#1466

Bump actions/setup-go from 3.2.0 to 4.1.0 by @dependabot in stretchr/testify#1451

fix: make EventuallyWithT concurrency safe by @czeslavo in stretchr/testify#1395

assert: fix httpCode and HTTPBody occur panic when http.Handler read Body by @hidu in stretchr/testify#1484

assert.EqualExportedValues: fix handling of arrays by @zrbecker in stretchr/testify#1473

.github: use latest Go versions by @kevinburkesegment in stretchr/testify#1489

assert: Deprecate EqualExportedValues by @HaraldNordgren in stretchr/testify#1488

suite: refactor test assertions by @alexandear in stretchr/testify#1474

suite: fix SetupSubTest and TearDownSubTest execution order by @linusbarth in stretchr/testify#1471

docs: Fix deprecation comments for http package by @alexandear in stretchr/testify#1335

Add map support doc comments to Subset and NotSubset by @jedevc in stretchr/testify#1306

TestErrorIs/TestNotErrorIs: check error message contents by @craig65535 in stretchr/testify#1435

suite: fix subtest names (fix #1501) by @dolmen in stretchr/testify#1504

assert: improve unsafe.Pointer tests by @dolmen in stretchr/testify#1505

assert: simplify isNil implementation by @dolmen in stretchr/testify#1506

assert.InEpsilonSlice: fix expected/actual order and other improvements by @dolmen in stretchr/testify#1483

Fix dependency cycle with objx #1292 by @dolmen in stretchr/testify#1453

mock: refactor TestIsArgsEqual by @dolmen in stretchr/testify#1444

mock: optimize argument matching checks by @dolmen in stretchr/testify#1416

assert: fix TestEventuallyTimeout by @dolmen in stretchr/testify#1412

CI: add go 1.21 in GitHub Actions by @dolmen in stretchr/testify#1450

suite: fix recoverAndFailOnPanic to report test failure at the right location by @dolmen in stretchr/testify#1502

Update maintainers by @brackendawson in stretchr/testify#1533

assert: Fix EqualValues to handle overflow/underflow by @arjunmahishi in stretchr/testify#1531

assert: better formatting for Len() error by @kevinburkesegment in stretchr/testify#1485

Ensure AssertExpectations does not fail in skipped tests by @ianrose14 in stretchr/testify#1331

suite: fix deadlock in suite.Require()/Assert() by @arjunmahishi in stretchr/testify#1535

Revert "assert: ObjectsAreEqual: use time.Equal for time.Time type" by @brackendawson in stretchr/testify#1537

[chore] Add issue templates by @arjunmahishi in stretchr/testify#1538

Update the build status badge by @brackendawson in stretchr/testify#1540

... (truncated)

Commits

bb548d0 Merge pull request #1552 from stretchr/dependabot/go_modules/github.com/stret...
814075f build(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2
e045612 Merge pull request #1339 from bogdandrutu/uintptr
5b6926d Merge pull request #1385 from hslatman/not-implements
9f97d67 Merge pull request #1550 from stretchr/release-notes
bcb0d3f Include the auto-release notes in releases
fb770f8 Merge pull request #1247 from ccoVeille/typos
85d8bb6 fix typos in comments, tests and github templates
e2741fa Merge pull request #1548 from arjunmahishi/msgAndArgs
6e59f20 http_assertions: assert that the msgAndArgs actually works in tests
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go group with 5 updates: | Package | From | To | | --- | --- | --- | | [github.com/fluxcd/pkg/apis/meta](https://github.com/fluxcd/pkg) | `1.1.2` | `1.3.0` | | [github.com/fluxcd/pkg/runtime](https://github.com/fluxcd/pkg) | `0.42.0` | `0.44.1` | | [github.com/go-logr/logr](https://github.com/go-logr/logr) | `1.3.0` | `1.4.1` | | [github.com/open-component-model/ocm](https://github.com/open-component-model/ocm) | `0.4.0` | `0.8.0` | | [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.8.4` | `1.9.0` | Updates `github.com/fluxcd/pkg/apis/meta` from 1.1.2 to 1.3.0 - [Commits](fluxcd/pkg@apis/meta/v1.1.2...apis/meta/v1.3.0) Updates `github.com/fluxcd/pkg/runtime` from 0.42.0 to 0.44.1 - [Commits](fluxcd/pkg@runtime/v0.42.0...runtime/v0.44.1) Updates `github.com/go-logr/logr` from 1.3.0 to 1.4.1 - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.3.0...v1.4.1) Updates `github.com/open-component-model/ocm` from 0.4.0 to 0.8.0 - [Release notes](https://github.com/open-component-model/ocm/releases) - [Changelog](https://github.com/open-component-model/ocm/blob/main/.goreleaser.yaml) - [Commits](open-component-model/ocm@v0.4.0...v0.8.0) Updates `github.com/stretchr/testify` from 1.8.4 to 1.9.0 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/fluxcd/pkg/apis/meta dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/fluxcd/pkg/runtime dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/go-logr/logr dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/open-component-model/ocm dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go ... Signed-off-by: dependabot[bot] <[email protected]>

github-actions · 2024-03-10T16:50:29Z

Mend Scan Summary: ❌

Repository: open-component-model/replication-controller

VIOLATION DESCRIPTION	NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES	0
MAJOR UPDATES AVAILABLE	0
LICENSE REQUIRES REVIEW	0
LICENSE RISK HIGH	4
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY	0

Detailed Logs: mend-scan-> Generate Report
Mend UI

dependabot · 2024-03-18T14:10:11Z

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 10, 2024

dependabot bot mentioned this pull request Mar 10, 2024

chore(deps): bump the go group with 5 updates #120

Closed

Skarlso closed this Mar 18, 2024

dependabot bot deleted the dependabot/go_modules/go-28020aed76 branch March 18, 2024 14:10

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the go group with 5 updates #124

chore(deps): bump the go group with 5 updates #124

dependabot bot commented on behalf of github Mar 10, 2024 •

edited

Loading

github-actions bot commented Mar 10, 2024

dependabot bot commented on behalf of github Mar 18, 2024

chore(deps): bump the go group with 5 updates #124

chore(deps): bump the go group with 5 updates #124

Conversation

dependabot bot commented on behalf of github Mar 10, 2024 • edited Loading

v1.4.1

What's Changed

v1.4.0

What's Changed

New Contributors

v0.8.0

v0.7.0

v0.6.0

v1.9.0

What's Changed

github-actions bot commented Mar 10, 2024

Mend Scan Summary: ❌

Repository: open-component-model/replication-controller

dependabot bot commented on behalf of github Mar 18, 2024

dependabot bot commented on behalf of github Mar 10, 2024 •

edited

Loading