build(deps): bump the go-dependencies group with 6 updates by dependabot[bot] · Pull Request #1990 · buildpacks/pack

dependabot · 2023-11-20T22:52:02Z

Bumps the go-dependencies group with 6 updates:

Package	From	To
github.com/onsi/gomega	`1.29.0`	`1.30.0`
github.com/spf13/cobra	`1.7.0`	`1.8.0`
golang.org/x/crypto	`0.14.0`	`0.15.0`
golang.org/x/mod	`0.13.0`	`0.14.0`
golang.org/x/oauth2	`0.13.0`	`0.14.0`
golang.org/x/sync	`0.4.0`	`0.5.0`

Updates github.com/onsi/gomega from 1.29.0 to 1.30.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.30.0

1.30.0

Features

BeTrueBecause and BeFalseBecause allow for better failure messages [4da4c7f]

Maintenance

Bump actions/checkout from 3 to 4 (#694) [6ca6e97]

doc: fix type on gleak go doc [f1b8343]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.30.0

Features

BeTrueBecause and BeFalseBecause allow for better failure messages [4da4c7f]

Maintenance

Bump actions/checkout from 3 to 4 (#694) [6ca6e97]

doc: fix type on gleak go doc [f1b8343]

Commits

f804ac6 v1.30.0
4da4c7f BeTrueBecause and BeFalseBecause allow for better failure messages
6ca6e97 Bump actions/checkout from 3 to 4 (#694)
f1b8343 doc: fix type on gleak go doc
See full diff in compare view

Updates github.com/spf13/cobra from 1.7.0 to 1.8.0

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.0

✨ Features

Support usage as plugin for tools like kubectl by @nirs in spf13/cobra#2018 - this means that programs that utilize a "plugin-like" structure have much better support and usage (like for completions, command paths, etc.)

Move documentation sources to site/content by @umarcor in spf13/cobra#1428

Add 'one required flag' group by @marevers in spf13/cobra#1952 - this includes a new MarkFlagsOneRequired API for flags which can be used to mark a flag group as required and cause command failure if at least one is not used when invoked.

Customizable error message prefix by @5ouma in spf13/cobra#2023 - This adds the SetErrPrefix and ErrPrefix APIs on the Command struct to allow for setting a custom prefix for errors

feat: add getters for flag completions by @avirtopeanu-ionos in spf13/cobra#1943

Feature: allow running persistent run hooks of all parents by @vkhoroz in spf13/cobra#2044

Improve API to get flag completion function by @marckhouzam in spf13/cobra#2063

🐛 Bug fixes

Fix typo in fish completions by @twpayne in spf13/cobra#1945

Fix grammar: 'allows to' by @supertassu in spf13/cobra#1978

powershell: escape variable with curly brackets by @Luap99 in spf13/cobra#1960

Don't complete --help flag when flag parsing disabled by @marckhouzam in spf13/cobra#2061

Replace all non-alphanumerics in active help env var program prefix by @scop in spf13/cobra#1940

🔧 Maintenance

build(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 by @dependabot in spf13/cobra#1971

build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 by @dependabot in spf13/cobra#1976

build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @dependabot in spf13/cobra#2021

build(deps): bump actions/setup-go from 3 to 4 by @dependabot in spf13/cobra#1934

build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.2 to 2.0.3 by @dependabot in spf13/cobra#2047

build(deps): bump actions/checkout from 3 to 4 by @dependabot in spf13/cobra#2028

command: temporarily disable G602 due to securego/gosec#1005 by @umarcor in spf13/cobra#2022

🧪 Testing & CI/CD

test: make fish_completions_test more robust by @branchvincent in spf13/cobra#1980

golangci: enable 'unused' and disable deprecated replaced by it by @umarcor in spf13/cobra#1983

cleanup: minor corrections to unit tests by @JunNishimura in spf13/cobra#2003

ci: test golang 1.21 by @nunoadrego in spf13/cobra#2024

Fix linter errors by @marckhouzam in spf13/cobra#2052

Add tests for flag completion registration by @marckhouzam in spf13/cobra#2053

✏️ Documentation

doc: fix typo, Deperecated -> Deprecated by @callthingsoff in spf13/cobra#2000

Add notes to doc about the execution condition of *PreRun and *PostRun functions by @haoming29 in spf13/cobra#2041

Thank you everyone who contributed to this release and all your hard work! Cobra and this community would never be possible without all of you!!!! 🐍

Full Changelog: spf13/cobra@v1.7.0...v1.8.0

Commits

a0a6ae0 Improve API to get flag completion function (#2063)
890302a Support usage as plugin for tools like kubectl (#2018)
48cea5c build(deps): bump actions/checkout from 3 to 4 (#2028)
22953d8 Replace all non-alphanumerics in active help env var program prefix (#1940)
00b68a1 Add tests for flag completion registration (#2053)
b711e87 Don't complete --help flag when flag parsing disabled (#2061)
8b1eba4 Fix linter errors (#2052)
4cafa37 Allow running persistent run hooks of all parents (#2044)
5c962a2 build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.2 to 2.0.3 (#2047)
efe8fa3 build(deps): bump actions/setup-go from 3 to 4 (#1934)
Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.14.0 to 0.15.0

Commits

eb61739 ssh: allow to configure public key auth algorithms on the server side
42c83ff ssh: try harder to detect incorrect passwords for legacy PEM encryption
e668aa9 go.mod: update golang.org/x dependencies
df0bc9e chacha20poly1305: guard PSHUFB usage with GOAMD64_v2
74c2ba9 crypto/hkdf: remove useless call to Reset
cf8dcb0 ssh: add test case against ssh CLI
4f30245 x509roots: catch the zero-roots case when generating the bundle
1d57292 x509roots: check HTTP response status code and media type
8779cbd all: update go directive to 1.18
2aeefc3 ssh: add support for SSH_AGENT_CONSTRAIN_EXTENSION with id 255
See full diff in compare view

Updates golang.org/x/mod from 0.13.0 to 0.14.0

Commits

6e58e47 modfile: improve directory path detection and error text consistency
See full diff in compare view

Updates golang.org/x/oauth2 from 0.13.0 to 0.14.0

Commits

e067960 go.mod: update golang.org/x dependencies
4c91c17 google: adds header to security considerations section
See full diff in compare view

Updates golang.org/x/sync from 0.4.0 to 0.5.0

Commits

10739b0 all: update go directive to 1.18
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

jjbustamante · 2023-11-22T21:12:57Z

@dependabot rebase

Bumps the go-dependencies group with 6 updates: | Package | From | To | | --- | --- | --- | | [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.29.0` | `1.30.0` | | [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.7.0` | `1.8.0` | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.14.0` | `0.15.0` | | [golang.org/x/mod](https://github.com/golang/mod) | `0.13.0` | `0.14.0` | | [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.13.0` | `0.14.0` | | [golang.org/x/sync](https://github.com/golang/sync) | `0.4.0` | `0.5.0` | Updates `github.com/onsi/gomega` from 1.29.0 to 1.30.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.29.0...v1.30.0) Updates `github.com/spf13/cobra` from 1.7.0 to 1.8.0 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.7.0...v1.8.0) Updates `golang.org/x/crypto` from 0.14.0 to 0.15.0 - [Commits](golang/crypto@v0.14.0...v0.15.0) Updates `golang.org/x/mod` from 0.13.0 to 0.14.0 - [Commits](golang/mod@v0.13.0...v0.14.0) Updates `golang.org/x/oauth2` from 0.13.0 to 0.14.0 - [Commits](golang/oauth2@v0.13.0...v0.14.0) Updates `golang.org/x/sync` from 0.4.0 to 0.5.0 - [Commits](golang/sync@v0.4.0...v0.5.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-dependencies - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-dependencies - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-dependencies - dependency-name: golang.org/x/mod dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-dependencies - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-dependencies - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot requested review from a team as code owners November 20, 2023 22:52

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code type/chore Issue that requests non-user facing changes. labels Nov 20, 2023

dependabot Bot mentioned this pull request Nov 20, 2023

build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0 #1988

Closed

github-actions Bot added this to the 0.33.0 milestone Nov 20, 2023

dependabot Bot force-pushed the dependabot/go_modules/go-dependencies-a40e22e4d4 branch from 7d1c91d to f2f5379 Compare November 22, 2023 21:14

jjbustamante approved these changes Nov 22, 2023

View reviewed changes

jjbustamante merged commit 9c8223c into main Nov 22, 2023

jjbustamante deleted the dependabot/go_modules/go-dependencies-a40e22e4d4 branch November 22, 2023 21:37

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the go-dependencies group with 6 updates#1990

build(deps): bump the go-dependencies group with 6 updates#1990
jjbustamante merged 1 commit intomainfrom
dependabot/go_modules/go-dependencies-a40e22e4d4

dependabot Bot commented on behalf of github Nov 20, 2023 •

edited

Loading

Uh oh!

jjbustamante commented Nov 22, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Nov 20, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v1.30.0

1.30.0

Features

Maintenance

1.30.0

Features

Maintenance

v1.8.0

✨ Features

🐛 Bug fixes

🔧 Maintenance

🧪 Testing & CI/CD

✏️ Documentation

Uh oh!

jjbustamante commented Nov 22, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Nov 20, 2023 •

edited

Loading