Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update go modules #1430

Merged

Conversation

renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Mar 9, 2023

Mend Renovate

This PR contains the following updates:

Package Type Update Change Pending
cloud.google.com/go/storage require minor v1.30.1 -> v1.32.0
github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test require minor v0.7.0 -> v0.8.0
github.com/GoogleCloudPlatform/config-validator require digest 1130fc5 -> 0da46e6
github.com/go-git/go-git/v5 require minor v5.7.0 -> v5.8.1
github.com/gomarkdown/markdown require digest c84983b -> 531d2d7
github.com/google/go-github/v53 require major v53.2.0 -> v54.0.0 v55.0.0
github.com/hashicorp/hcl/v2 require minor v2.17.0 -> v2.18.0
github.com/hashicorp/terraform-config-inspect require digest f32df32 -> b800820
github.com/iancoleman/strcase require minor v0.2.0 -> v0.3.0
github.com/jedib0t/go-pretty/v6 require patch v6.4.6 -> v6.4.7
github.com/open-policy-agent/opa require minor v0.54.0 -> v0.55.0 v0.56.0
golang.org/x/exp require digest 97b1e66 -> 9212866
golang.org/x/oauth2 require minor v0.9.0 -> v0.11.0 v0.12.0
golang.org/x/text require minor v0.10.0 -> v0.13.0
google.golang.org/api require minor v0.129.0 -> v0.138.0
gopkg.in/yaml.v2 require major v2.4.0 -> v3.0.1

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.


Release Notes

go-git/go-git (github.com/go-git/go-git/v5)

v5.8.1

Compare Source

What's Changed

Full Changelog: go-git/go-git@v5.8.0...v5.8.1

v5.8.0

Compare Source

What's Changed

New Contributors

Full Changelog: go-git/go-git@v5.7.0...v5.7.1

google/go-github (github.com/google/go-github/v53)

v54.0.0

Compare Source

This release contains the following breaking API changes:

  • Fix ListPullRequestsWithCommit option type (#​2822)
  • Support repository_id in org ruleset conditions (#​2825)
  • Fix repo rules bypass settings (#​2831)
  • Fix old_name field in AuditEntry (#​2849)

and the following additional changes:

  • Bump golang.org/x/net from 0.10.0 to 0.11.0 in /scrape (#​2814)
  • Bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 (#​2812)
  • Bump github.com/google/go-github/v53 from 53.0.0 to 53.2.0 in /scrape (#​2813)
  • Add Runner to generate-jitconfig method (#​2818)
  • Remove unnecessary use of fmt.Sprintf (#​2819)
  • Use bytes.Equal instead of bytes.Compare (#​2820)
  • Fix CreateOrUpdateOrgSecret regression introduced in v53 (#​2817)
  • Add Repository struct to SecretScanningAlert (#​2823)
  • Add support for personal access tokens request review API (#​2827)
  • Add support for personal_access_token_request webhook event type (#​2826)
  • Support line comments on PRs (#​2833)
  • Implement installation_target webhook event type (#​2829)
  • Add secret type display to secret scanning alert (#​2834)
  • Use a sentinel error when blocking paths for RepositoriesServices.GetContents (#​2837)
  • Add support for SAML SSO authorization APIs (#​2835)
  • Bump golang.org/x/net from 0.11.0 to 0.12.0 in /scrape (#​2839)
  • Bump golang.org/x/oauth2 from 0.9.0 to 0.10.0 (#​2840)
  • Add Dependabot field in security_and_analysis (#​2846)
  • Add new query params for AlertListOptions (#​2848)
  • Add old_name field to AuditEntry (#​2843)
  • Add OldLogin field to AuditEntryData (#​2850)
  • Check for nil pointer in update rule parameters (#​2854)
  • Fix dropped test error (#​2858)
  • Bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 (#​2859)
  • Bump golang.org/x/net from 0.12.0 to 0.14.0 in /scrape (#​2860)
  • Add ListOptions pagination for Dependabot alerts (#​2853)
  • Add support for Security Advisories Request CVE endpoint (#​2857)
  • Add support for the security and analysis webhook event (#​2862)
  • Add support for projects_v2 and projects_v2_item webhook events (#​2868)
  • Defer closing body before checking HTTP status code (#​2870)
  • Add GetAutomatedSecurityFixes to report status (#​2842)
  • Adding missing field important to find branch in fork from same owner (#​2873)
  • Add WorkflowRun and Workflow to DeploymentEvent (#​2755)
  • Replace deprectated crypto/ssh/terminal module in examples (#​2876)
  • Update workflow to use Go 1.21 and 1.20 (#​2878)
  • Add TriggeringActor to WorkflowRun (#​2879)
  • Add WebhookTypes and EventForType methods (#​2865)
  • Add support for fetching SBOMs (#​2869)
  • Add SubmoduleGitURL to RepositoryContent (#​2880)
  • Bump version of go-github to v54.0.0 (#​2881)
hashicorp/hcl (github.com/hashicorp/hcl/v2)

v2.18.0

Compare Source

Enhancements
  • HCL now uses the tables from Unicode 15 when performing string normalization and character segmentation. HCL was previously using the Unicode 13 tables.

    For calling applications where consistent Unicode support is important, consider also upgrading to Go 1.21 at the same time as adopting HCL v2.18.0 so that the standard library unicode tables (used for case folding, etc) will also be from Unicode 15.

v2.17.1

Compare Source

Enhancements
  • hclsyntax: When evaluating string templates that have a long known constant prefix, HCL will truncate the known prefix to avoid creating excessively-large refinements. String prefix refinements are intended primarily for relatively-short fixed prefixes, such as https:// at the start of a URL known to use that scheme. (#​617)
  • ext/tryfunc: The "try" and "can" functions now handle unknown values slightly more precisely, and so can return known values in more situations when given expressions referring to unknown symbols. (#​622)
Bugs Fixed
  • ext/typeexpr: Will no longer try to refine unknown values of unknown type when dealing with a user-specified type constraint containing the any keyword, avoiding an incorrect panic at runtime. (#​625)
  • ext/typeexpr: Now correctly handles attempts to declare the same object type attribute multiple times by returning an error. Previously this could potentially panic by creating an incoherent internal state. (#​624)
iancoleman/strcase (github.com/iancoleman/strcase)

v0.3.0

Compare Source

jedib0t/go-pretty (github.com/jedib0t/go-pretty/v6)

v6.4.7

Compare Source

Features

  • text
  • progress // thanks @​NathanBaulch for all of the following
    • support rendering trackers that haven't started yet (#​270)
    • secondary sort by start time (#​271)
    • stability fix for descending sorts (#​272)
    • render never started trackers properly (#​273)
    • overall ETA never less than max ETA (#​274)
open-policy-agent/opa (github.com/open-policy-agent/opa)

v0.55.0

Compare Source

NOTES:

  • All published OPA images now run with a non-root uid/gid. The uid:gid is set to 1000:1000 for all images. As a result
    there is no longer a need for the -rootless image variant and hence it will be not be published as part of future releases.
    This change is in line with container security best practices. OPA can still be run with root privileges by explicitly setting the user,
    either with the --user argument for docker run, or by specifying the securityContext in the Kubernetes Pod specification.

  • The minimum version of Go required to build the OPA module is 1.19

This release contains a mix of new features, bugfixes and a new builtin function.

Honor default keyword on functions

Previously if a function was defined with a default value, OPA would ignore it. Now the default function is honored
if all functions with the same name are undefined. For example,

package example

default clamp_positive(_) := 0

clamp_positive(x) = x {
    x > 0
}
$ opa eval -d example.rego 'data.example.clamp_positive(1)' -f pretty
1
$ opa eval -d example.rego 'data.example.clamp_positive(-1)' -f pretty
0

The value of a default function follows the same conditions as that of a default rule. In addition, a default
function satisfies the following properties:

  • same arity as other functions with the same name
  • arguments should only be plain variables ie. no composite values
  • argument names should not be repeated

NOTE:

default functions used to be previously ignored. If existing policies contain default functions, ensure that they conform
to the properties mentioned above. Otherwise, those policies will fail to evaluate.

Authored by @​ashutosh-narkar.

New Built-In Function: crypto.parse_private_keys

crypto.parse_private_keys returns zero or more private keys from the given encoded string containing DER certificate data.
If the input contains a list of one or more concatenated PEM blocks, then the built-in will output the parsed private keys
represented as objects.

See the documentation on the new built-in
for all the details.

Authored by @​volck.

Runtime, Tooling, SDK
  • plugins/rest: Add AWS KMS support for OAuth2 Client Credentials JWT authentication (#​5942) authored by @​prasanthu
  • sdk: Update input object to conform to the format expected by decision log masking (#​6090) authored by @​epaulson10
  • sdk: Add option for specifying decision ID to SDK. Users can use this to control the ID that gets included in the decision logs (#​6101) authored by @​brianchhun-chime
  • cmd: Add discard output format to opa eval which discards the result while still showing the output of eval flags like --profile (#​6103) authored by @​26tanishabanik
  • Make rootless deprecation messages more explicit as all published OPA images now run with non-root uid/gid (#​6091) authored by @​charlieegan3
  • download/oci: Add support for Docker Registry v2 authentication scheme (#​6045) authored by @​gitu and @​DerGut
  • plugins/discovery: Ensure discovery plugin doesn't erase its own config on the plugin manager (#​6070) authored by @​blacksails
Topdown and Rego
  • ast: Add WithRoots compiler option that allows callers to set the roots to include in the output bundle manifest (#​6088) authored by @​kubaj
  • rego: Parse store modules iff modules set on the Rego object. This change assumes that while using the Rego package, the compiler and store are kept in-sync, and thereby attempts to avoid a race during the compilation process (#​6081) authored by @​ashutosh-narkar
Docs
Website + Ecosystem
Miscellaneous
  • chore: Update comments on some exported functions and clean up instances where the same package was imported multiple times (authored by @​testwill)
  • Fix issue in the OPA release patch scripts related to CRLF line terminations in the patch output (#​6069) authored by @​johanfylling
  • Dependency bumps, notably:
    • golang from 1.20.5 to 1.20.6
    • oras.land/oras-go/v2 from 2.2.0 to 2.2.1
    • google.golang.org/grpc from 1.56.1 to 1.56.2
    • github.com/containerd/containerd from 1.6.19 to 1.7.2
    • golang.org/x/net from 0.11.0 to 0.12.0
    • go.uber.org/automaxprocs from 1.5.2 to 1.5.3
    • go.opentelemetry.io/otel from v1.14.0 to v1.16.0 (#​6062) authored by @​srenatus with feedback from @​ghaskins and @​zregvart
googleapis/google-api-go-client (google.golang.org/api)

v0.138.0

Compare Source

Features

v0.137.0

Compare Source

Features

v0.136.0

Compare Source

Features

v0.135.0

Compare Source

Features

v0.134.0

Compare Source

Features

v0.133.0

Compare Source

Features

v0.132.0

Compare Source

Features

v0.131.0

Compare Source

Features

v0.130.0

Compare Source

Features
go-yaml/yaml (gopkg.in/yaml.v2)

v3.0.1

Compare Source

v3.0.0

Compare Source


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@forking-renovate forking-renovate bot added the dependencies Pull requests that update a dependency file label Mar 9, 2023
@dpebot
Copy link
Collaborator

dpebot commented Mar 9, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 10, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 10, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 10, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 11, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 11, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 11, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 12, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 12, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 12, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 12, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 13, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Mar 13, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 1, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 4, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 4, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 5, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 5, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 5, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 5, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 6, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 6, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 6, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 6, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 6, 2023

/gcbrun

@dpebot
Copy link
Collaborator

dpebot commented Sep 6, 2023

/gcbrun

@apeabody apeabody changed the title chore(deps): update go modules fix(deps): update go modules Sep 6, 2023
@apeabody apeabody merged commit 6400f32 into GoogleCloudPlatform:master Sep 6, 2023
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants