Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the go group across 1 directory with 4 updates #166

Closed
wants to merge 1 commit into from
Closed

chore(deps): bump the go group across 1 directory with 4 updates #166

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 1, 2024
edited
Loading

Bumps the go group with 3 updates in the / directory: github.com/Masterminds/semver/v3, github.com/fluxcd/pkg/apis/meta and github.com/fluxcd/pkg/runtime.

Updates github.com/Masterminds/semver/v3 from 3.2.1 to 3.3.0

Release notes

Sourced from github.com/Masterminds/semver/v3's releases.

v3.3.0

What's Changed

New Contributors

Full Changelog: Masterminds/semver@v3.2.1...v3.3.0

Changelog

Sourced from github.com/Masterminds/semver/v3's changelog.

3.3.0 (2024-08-27)

Added

Changed

  • #241: Simplify StrictNewVersion parsing (thanks @​grosser)
  • Testing support up through Go 1.23
  • Minimum version set to 1.21 as this is what's tested now
  • Fuzz testing now supports caching
Commits
  • e6e3d4d Merge pull request #249 from mattfarina/update-changelog-3.3.0
  • e80c4ea Updating changelog for 3.3.0
  • 80427ad Merge pull request #248 from mattfarina/bump-min-version
  • b610837 bumping min version in go.mod based on what's tested
  • a4cccd8 Merge pull request #246 from mattfarina/bump-go-1.23
  • 7c178cf Updating the testing version of Go used
  • 29f94c1 Merge pull request #241 from grosser/grosser/validate
  • 2cf1b16 Merge pull request #245 from mattfarina/remove-vert
  • b55476a Removing reference to vert
  • d07450b simplify StrictNewVersion
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/meta from 1.1.2 to 1.6.0

Commits
  • be8df7e Merge pull request #801 from fluxcd/k8s-1.31
  • 76035f8 Update Helm to v3.15.4
  • 3f5cf4c Build with Go 1.23
  • 4b90241 Update dependencies to Kubernetes v1.31.0
  • 0e61a3b Merge pull request #799 from fluxcd/dependabot/github_actions/ci-9f4b007c5b
  • 6bf4bad build(deps): bump the ci group with 4 updates
  • 968f190 Merge pull request #795 from fluxcd/dependabot/github_actions/ci-8fa51b1870
  • bce8cab build(deps): bump the ci group across 1 directory with 8 updates
  • 7d033c1 Merge pull request #798 from fluxcd/cleanup-aws-nuke
  • e98ccfa workflow: Set aws-nuke region for cleanup
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.42.0 to 0.49.0

Commits
  • 7b3f43c Merge pull request #803 from fluxcd/controller-runtime-v0.19.0
  • da3ccfe Update sigs.k8s.io/controller-runtime to v0.19.0
  • bd579fc Merge pull request #802 from fluxcd/k8s-1.31-internal
  • c06927b Update internal packages
  • be8df7e Merge pull request #801 from fluxcd/k8s-1.31
  • 76035f8 Update Helm to v3.15.4
  • 3f5cf4c Build with Go 1.23
  • 4b90241 Update dependencies to Kubernetes v1.31.0
  • 0e61a3b Merge pull request #799 from fluxcd/dependabot/github_actions/ci-9f4b007c5b
  • 6bf4bad build(deps): bump the ci group with 4 updates
  • Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.4.1 to 1.4.2

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.2

What's Changed

Dependencies:

Full Changelog: go-logr/logr@v1.4.1...v1.4.2

Commits
  • 1205f42 Merge pull request #295 from go-logr/dependabot/github_actions/actions/checko...
  • ccedcbd Merge pull request #294 from go-logr/dependabot/github_actions/github/codeql-...
  • bead577 build(deps): bump actions/checkout from 4.1.5 to 4.1.6
  • a492d95 build(deps): bump github/codeql-action from 3.25.4 to 3.25.5
  • 19ad07c build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
  • 1c97a21 build(deps): bump actions/checkout from 4.1.4 to 4.1.5
  • f70c5b5 build(deps): bump github/codeql-action from 3.25.3 to 3.25.4
  • 4ade8d3 build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1
  • 88d98bd Merge pull request #289 from go-logr/dependabot/github_actions/golangci/golan...
  • 432cd86 Merge pull request #288 from go-logr/dependabot/github_actions/actions/setup-...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the go group across 1 directory with 4 updates
ee77bce 
Bumps the go group with 3 updates in the / directory: [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver), [github.com/fluxcd/pkg/apis/meta](https://github.com/fluxcd/pkg) and [github.com/fluxcd/pkg/runtime](https://github.com/fluxcd/pkg).


Updates `github.com/Masterminds/semver/v3` from 3.2.1 to 3.3.0
- [Release notes](https://github.com/Masterminds/semver/releases)
- [Changelog](https://github.com/Masterminds/semver/blob/master/CHANGELOG.md)
- [Commits](Masterminds/semver@v3.2.1...v3.3.0)

Updates `github.com/fluxcd/pkg/apis/meta` from 1.1.2 to 1.6.0
- [Commits](fluxcd/pkg@apis/meta/v1.1.2...apis/meta/v1.6.0)

Updates `github.com/fluxcd/pkg/runtime` from 0.42.0 to 0.49.0
- [Commits](fluxcd/pkg@runtime/v0.42.0...runtime/v0.49.0)

Updates `github.com/go-logr/logr` from 1.4.1 to 1.4.2
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.4.1...v1.4.2)

---
updated-dependencies:
- dependency-name: github.com/Masterminds/semver/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/apis/meta
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Sep 1, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 1, 2024

Mend Scan Summary: ❌

Repository: open-component-model/replication-controller

VIOLATION DESCRIPTION NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES 6
MAJOR UPDATES AVAILABLE 0
LICENSE REQUIRES REVIEW 1
LICENSE RISK HIGH 7
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY 0

Detailed Logs: mend-scan-> Generate Report
Mend UI

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 15, 2024

Superseded by #167.

@dependabot dependabot bot closed this Sep 15, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/go-db777d41f4 branch September 15, 2024 16:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants