Skip to content

fix(deps): update all non-major dependencies in .github/workflows/regression.yml #1342

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update all non-major dependencies in .github/workflows/regression.yml #1342

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Apr 5, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change OpenSSF
codecov/codecov-action action digest 0565863 -> ad3126e OpenSSF Scorecard
github.com/corazawaf/coraza-coreruleset/v4 require minor v4.10.0 -> v4.13.0 OpenSSF Scorecard
github.com/mccutchen/go-httpbin/v2 require patch v2.18.0 -> v2.18.1 OpenSSF Scorecard
github/codeql-action action digest 1b549b9 -> 45775bd OpenSSF Scorecard

Release Notes

corazawaf/coraza-coreruleset (github.com/corazawaf/coraza-coreruleset/v4)

v4.13.0

Compare Source

v4.13.0 ships:

Note that to run the CRS regression tests against this version:

  • An updated version (>=v1.0.0) of go-ftw is needed. See go-ftw releases.
  • Albedo is expected to be the backend server.

Full Changelog: corazawaf/coraza-coreruleset@v4.12.0...v4.13.0

v4.12.0

Compare Source

v4.12.0 ships:

Note that to run the CRS regression tests against this version:

  • An updated version (>=v1.0.0) of go-ftw is needed. See go-ftw releases.
  • Albedo is expected to be the backend server.

Full Changelog: corazawaf/coraza-coreruleset@v4.11.0...v4.12.0

v4.11.0

Compare Source

v4.11.0 ships:

Note that to run the CRS regression tests against this version:

  • An updated version (>=v1.0.0) of go-ftw is needed. See go-ftw releases.
  • Albedo is expected to be the backend server.

Full Changelog: corazawaf/coraza-coreruleset@v4.10.0...v4.11.0

mccutchen/go-httpbin (github.com/mccutchen/go-httpbin/v2)

v2.18.1

Compare Source

What's Changed

Full Changelog: mccutchen/go-httpbin@v2.18.0...v2.18.1

Configuration

📅 Schedule: Branch creation - "* 0-3 * * *" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Apr 5, 2025
@renovate renovate bot requested a review from a team as a code owner April 5, 2025 02:09
@renovate renovate bot enabled auto-merge (squash) April 5, 2025 02:09
@codecov Codecov
Copy link

codecov bot commented Apr 5, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 16.50%. Comparing base (ad40dcb) to head (048cc3f).

❗ There is a different number of reports uploaded between BASE (ad40dcb) and HEAD (048cc3f). Click for more details.

HEAD has 349 uploads less than BASE
Flag BASE (ad40dcb) HEAD (048cc3f)
default 32 1
ftw 32 1
tinygo 16 1
memoize_builders 44 0
no_fs_access 55 0
coraza.rule.multiphase_evaluation 54 0
coraza.rule.case_sensitive_args_keys 40 0
coraza.rule.no_regex_multiline 48 0
examples+memoize_builders 4 0
examples+coraza.rule.case_sensitive_args_keys 16 0
examples+coraza.rule.no_regex_multiline 8 0
examples+no_fs_access 1 0
examples+coraza.rule.multiphase_evaluation 2 0
Additional details and impacted files 
@@             Coverage Diff             @@
##             main    #1342       +/-   ##
===========================================
- Coverage   84.01%   16.50%   -67.52%     
===========================================
  Files         170      150       -20     
  Lines        9803     9000      -803     
===========================================
- Hits         8236     1485     -6751     
- Misses       1323     7332     +6009     
+ Partials      244      183       -61
Flag Coverage Δ
coraza.rule.case_sensitive_args_keys ?
coraza.rule.multiphase_evaluation ?
coraza.rule.no_regex_multiline ?
default 16.50% <ø> (-67.52%) ⬇️
examples+ 16.50% <ø> (ø)
examples+coraza.rule.case_sensitive_args_keys ?
examples+coraza.rule.multiphase_evaluation ?
examples+coraza.rule.no_regex_multiline ?
examples+memoize_builders ?
examples+no_fs_access ?
ftw 16.50% <ø> (-67.52%) ⬇️
memoize_builders ?
no_fs_access ?
tinygo 16.50% <ø> (-67.49%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@renovate renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from cb357a9 to 3ed33f2 Compare April 7, 2025 09:56
@renovate renovate bot changed the title fix(deps): update module github.com/mccutchen/go-httpbin/v2 to v2.18.1 in go.mod fix(deps): update all non-major dependencies in go.mod Apr 7, 2025
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 1616daa to 4045440 Compare April 8, 2025 17:07
@renovate renovate bot added minor and removed patch labels Apr 8, 2025
@renovate renovate bot changed the title fix(deps): update all non-major dependencies in go.mod fix(deps): update all non-major dependencies in testing/coreruleset/go.mod Apr 8, 2025
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Apr 8, 2025

ℹ Artifact update notice

File name: testing/coreruleset/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 4 additional dependencies were updated

Details:

Package Change
golang.org/x/crypto v0.36.0 -> v0.37.0
golang.org/x/net v0.38.0 -> v0.39.0
golang.org/x/sync v0.12.0 -> v0.13.0
golang.org/x/sys v0.31.0 -> v0.32.0

@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 4045440 to eb259ca Compare April 14, 2025 19:28
@renovate renovate bot changed the title fix(deps): update all non-major dependencies in testing/coreruleset/go.mod fix(deps): update all non-major dependencies in .github/workflows/regression.yml Apr 14, 2025
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from eb259ca to 048cc3f Compare April 14, 2025 23:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file digest github-tags
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants