-
Notifications
You must be signed in to change notification settings - Fork 89
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(deps): upgrade postgres for 13 constant from 13.11
to 13.14.0
#131
Conversation
Version 13.11 is vulnerable to CVE-2023-39417, which exists in versions >= 13.0, < 13.12. The vulnerability was found in the National Vulnerability Database (NVD) based on the CPE cpe:2.3:a:postgresql:postgresql with NVD severity: High. The file is associated with the technology PostgreSQL. The vulnerability can be remediated by updating PostgreSQL to 13.12 or higher.
The vulnerability was found in the National Vulnerability Database (NVD) based on the CPE cpe:2.3:a:postgresql:postgresql with NVD severity: High. The file is associated with the technology PostgreSQL. The vulnerability can be remediated by updating PostgreSQL to 13.14 or higher.
13.11
to 13.14.0
That's great, thanks @michaelbrewer. I've just kicked off some tests that failed strangely again but if these pass I'll get this merged in, bump some other versions then cut a release for you. |
Thanks alot @fergusstrange could be failing at this is a fairly recent release? |
2 similar comments
Thanks alot @fergusstrange could be failing at this is a fairly recent release? |
Thanks alot @fergusstrange could be failing at this is a fairly recent release? |
Looks like it was just a temporary build system glitch, tests all passed now. |
Version released here https://github.com/fergusstrange/embedded-postgres/releases/tag/v1.26.0 |
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | Type | Update | |---|---|---|---|---|---|---|---| | [github.com/aws/aws-sdk-go](https://togithub.com/aws/aws-sdk-go) | `v1.50.25` -> `v1.50.30` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2faws%2faws-sdk-go/v1.50.30?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2faws%2faws-sdk-go/v1.50.30?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2faws%2faws-sdk-go/v1.50.25/v1.50.30?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2faws%2faws-sdk-go/v1.50.25/v1.50.30?slim=true)](https://docs.renovatebot.com/merge-confidence/) | require | patch | | [github.com/bufbuild/protovalidate-go](https://togithub.com/bufbuild/protovalidate-go) | `v0.5.2` -> `v0.6.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fbufbuild%2fprotovalidate-go/v0.6.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fbufbuild%2fprotovalidate-go/v0.6.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fbufbuild%2fprotovalidate-go/v0.5.2/v0.6.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fbufbuild%2fprotovalidate-go/v0.5.2/v0.6.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | require | minor | | [github.com/fergusstrange/embedded-postgres](https://togithub.com/fergusstrange/embedded-postgres) | `v1.25.0` -> `v1.26.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2ffergusstrange%2fembedded-postgres/v1.26.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2ffergusstrange%2fembedded-postgres/v1.26.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2ffergusstrange%2fembedded-postgres/v1.25.0/v1.26.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2ffergusstrange%2fembedded-postgres/v1.25.0/v1.26.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | require | minor | | [github.com/gdamore/tcell/v2](https://togithub.com/gdamore/tcell) | `v2.7.1` -> `v2.7.4` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgdamore%2ftcell%2fv2/v2.7.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgdamore%2ftcell%2fv2/v2.7.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgdamore%2ftcell%2fv2/v2.7.1/v2.7.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgdamore%2ftcell%2fv2/v2.7.1/v2.7.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | require | patch | | [github.com/minio/minio-go/v7](https://togithub.com/minio/minio-go) | `v7.0.67` -> `v7.0.68` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fminio%2fminio-go%2fv7/v7.0.68?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fminio%2fminio-go%2fv7/v7.0.68?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fminio%2fminio-go%2fv7/v7.0.67/v7.0.68?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fminio%2fminio-go%2fv7/v7.0.67/v7.0.68?slim=true)](https://docs.renovatebot.com/merge-confidence/) | require | patch | | [github.com/prometheus/client_golang](https://togithub.com/prometheus/client_golang) | `v1.18.0` -> `v1.19.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fprometheus%2fclient_golang/v1.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fprometheus%2fclient_golang/v1.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fprometheus%2fclient_golang/v1.18.0/v1.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fprometheus%2fclient_golang/v1.18.0/v1.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | require | minor | | [github.com/stretchr/testify](https://togithub.com/stretchr/testify) | `v1.8.4` -> `v1.9.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fstretchr%2ftestify/v1.9.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fstretchr%2ftestify/v1.9.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fstretchr%2ftestify/v1.8.4/v1.9.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fstretchr%2ftestify/v1.8.4/v1.9.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | require | minor | | golang.org/x/crypto | `v0.19.0` -> `v0.20.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fcrypto/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fcrypto/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fcrypto/v0.19.0/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fcrypto/v0.19.0/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | require | minor | | [google.golang.org/genproto/googleapis/api](https://togithub.com/googleapis/go-genproto) | `b0ce06b` -> `df926f6` | [![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fgenproto%2fgoogleapis%2fapi/?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fgenproto%2fgoogleapis%2fapi/?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fgenproto%2fgoogleapis%2fapi/v0.0.0-20240221002015-b0ce06bbee7c/?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fgenproto%2fgoogleapis%2fapi/v0.0.0-20240221002015-b0ce06bbee7c/?slim=true)](https://docs.renovatebot.com/merge-confidence/) | require | digest | --- ### Release Notes <details> <summary>aws/aws-sdk-go (github.com/aws/aws-sdk-go)</summary> ### [`v1.50.30`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v15030-2024-03-01) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.50.29...v1.50.30) \=== ##### Service Client Updates - `service/accessanalyzer`: Updates service documentation - `service/autoscaling`: Updates service documentation - With this release, Amazon EC2 Auto Scaling groups, EC2 Fleet, and Spot Fleet improve the default price protection behavior of attribute-based instance type selection of Spot Instances, to consistently select from a wide range of instance types. - `service/ec2`: Updates service documentation - With this release, Amazon EC2 Auto Scaling groups, EC2 Fleet, and Spot Fleet improve the default price protection behavior of attribute-based instance type selection of Spot Instances, to consistently select from a wide range of instance types. ### [`v1.50.29`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v15029-2024-02-29) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.50.28...v1.50.29) \=== ##### Service Client Updates - `service/docdb-elastic`: Updates service API and documentation - `service/eks`: Updates service API - `service/migrationhuborchestrator`: Updates service API and documentation - `service/models.lex.v2`: Updates service API and documentation - `service/quicksight`: Updates service API and documentation - TooltipTarget for Combo chart visuals; ColumnConfiguration limit increase to 2000; Documentation Update - `service/sagemaker`: Updates service API and documentation - Adds support for ModelDataSource in Model Packages to support unzipped models. Adds support to specify SourceUri for models which allows registration of models without mandating a container for hosting. Using SourceUri, customers can decouple the model from hosting information during registration. - `service/securitylake`: Updates service API and documentation ### [`v1.50.28`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v15028-2024-02-28) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.50.27...v1.50.28) \=== ##### Service Client Updates - `service/batch`: Updates service API and documentation - This release adds Batch support for configuration of multicontainer jobs in ECS, Fargate, and EKS. This support is available for all types of jobs, including both array jobs and multi-node parallel jobs. - `service/bedrock-agent-runtime`: Updates service API and documentation - `service/ce`: Updates service API and documentation - `service/ec2`: Updates service API and documentation - This release increases the range of MaxResults for GetNetworkInsightsAccessScopeAnalysisFindings to 1,000. - `service/iot`: Updates service API and documentation - This release reduces the maximum results returned per query invocation from 500 to 100 for the SearchIndex API. This change has no implications as long as the API is invoked until the nextToken is NULL. - `service/wafv2`: Updates service API and documentation ### [`v1.50.27`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v15027-2024-02-27) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.50.26...v1.50.27) \=== ##### Service Client Updates - `service/amplifyuibuilder`: Updates service API and documentation ### [`v1.50.26`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v15026-2024-02-26) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.50.25...v1.50.26) \=== ##### Service Client Updates - `service/apigateway`: Updates service documentation - Documentation updates for Amazon API Gateway. - `service/drs`: Updates service API and documentation - `service/kafkaconnect`: Updates service API and documentation - `service/rds`: Updates service API, documentation, waiters, paginators, and examples - This release adds support for gp3 data volumes for Multi-AZ DB Clusters. </details> <details> <summary>bufbuild/protovalidate-go (github.com/bufbuild/protovalidate-go)</summary> ### [`v0.6.0`](https://togithub.com/bufbuild/protovalidate-go/releases/tag/v0.6.0) [Compare Source](https://togithub.com/bufbuild/protovalidate-go/compare/v0.5.2...v0.6.0) #### What's Changed - Run go mod tidy by [@​pkwarren](https://togithub.com/pkwarren) in [https://github.com/bufbuild/protovalidate-go/pull/96](https://togithub.com/bufbuild/protovalidate-go/pull/96) - Create add-to-project workflow by [@​chrispine](https://togithub.com/chrispine) in [https://github.com/bufbuild/protovalidate-go/pull/97](https://togithub.com/bufbuild/protovalidate-go/pull/97) - Bump the go group with 1 update by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bufbuild/protovalidate-go/pull/98](https://togithub.com/bufbuild/protovalidate-go/pull/98) - Bump the github-actions group with 1 update by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bufbuild/protovalidate-go/pull/100](https://togithub.com/bufbuild/protovalidate-go/pull/100) - Update protovalidate-go to work with 0.6.1 protos by [@​pkwarren](https://togithub.com/pkwarren) in [https://github.com/bufbuild/protovalidate-go/pull/101](https://togithub.com/bufbuild/protovalidate-go/pull/101) #### New Contributors - [@​chrispine](https://togithub.com/chrispine) made their first contribution in [https://github.com/bufbuild/protovalidate-go/pull/97](https://togithub.com/bufbuild/protovalidate-go/pull/97) **Full Changelog**: bufbuild/protovalidate-go@v0.5.2...v0.6.0 </details> <details> <summary>fergusstrange/embedded-postgres (github.com/fergusstrange/embedded-postgres)</summary> ### [`v1.26.0`](https://togithub.com/fergusstrange/embedded-postgres/releases/tag/v1.26.0) [Compare Source](https://togithub.com/fergusstrange/embedded-postgres/compare/v1.25.0...v1.26.0) #### What's Changed - Add V16 constant by [@​zzzFelix](https://togithub.com/zzzFelix) in [https://github.com/fergusstrange/embedded-postgres/pull/129](https://togithub.com/fergusstrange/embedded-postgres/pull/129) - fix(deps): upgrade postgres for 13 constant from `13.11` to `13.14.0` by [@​michaelbrewer](https://togithub.com/michaelbrewer) in [https://github.com/fergusstrange/embedded-postgres/pull/131](https://togithub.com/fergusstrange/embedded-postgres/pull/131) - Upgrade versions by [@​fergusstrange](https://togithub.com/fergusstrange) in [https://github.com/fergusstrange/embedded-postgres/pull/132](https://togithub.com/fergusstrange/embedded-postgres/pull/132) #### New Contributors - [@​zzzFelix](https://togithub.com/zzzFelix) made their first contribution in [https://github.com/fergusstrange/embedded-postgres/pull/129](https://togithub.com/fergusstrange/embedded-postgres/pull/129) - [@​michaelbrewer](https://togithub.com/michaelbrewer) made their first contribution in [https://github.com/fergusstrange/embedded-postgres/pull/131](https://togithub.com/fergusstrange/embedded-postgres/pull/131) **Full Changelog**: fergusstrange/embedded-postgres@v1.25.0...v1.26.0 </details> <details> <summary>gdamore/tcell (github.com/gdamore/tcell/v2)</summary> ### [`v2.7.4`](https://togithub.com/gdamore/tcell/releases/tag/v2.7.4): Version 2.7.4 Bug Fix Release [Compare Source](https://togithub.com/gdamore/tcell/compare/v2.7.3...v2.7.4) This release fixes a problem with restoring cursor location properly on Windows. It also includes a new stress test for your terminal (FPS monitor) contributed by [@​Bios-Marcel](https://togithub.com/Bios-Marcel) ### [`v2.7.3`](https://togithub.com/gdamore/tcell/releases/tag/v2.7.3): Version 2.7.3 Bug Fix Release [Compare Source](https://togithub.com/gdamore/tcell/compare/v2.7.2...v2.7.3) This release just updates the terminfo data using current data from Ubuntu 24.04 (Noble). It fixes a regression where we dropped some capabilities including StrikeThrough for some terminals. ### [`v2.7.2`](https://togithub.com/gdamore/tcell/releases/tag/v2.7.2): Version 2.7.2 Improvement Release [Compare Source](https://togithub.com/gdamore/tcell/compare/v2.7.1...v2.7.2) This release does not add new APIs, but it does improve the functionality of tcell on Windows, and provides an "undocumented" feature for managing the alternate screen buffer. - Windows uses VT mode output everywhere except on ConEmu (because VT output mode on ConEmu is borked for colors) - The `TCELL_VTMODE` environment variable can be set to "enable" or "disable" to force attempting to use (or not) this mode. - Windows now uses the alternate screen buffer by default, and preserves the original screen content - Use of the alternate screen can be disabled setting the `TCELL_ALTSCREEN` environment variable to "disable". - If the alternate screen is disabled in that fashion, we will not clear the screen either. This is an experimental way to preserve the output from a tcell application on exit or suspend. Feedback on this would be appreciated. The specific environment variables listed here are *not* considered part of the Tcell API, and their presence and meaning may change without notice at any time. Please consider them experimental and let us know whether these are useful or not. </details> <details> <summary>minio/minio-go (github.com/minio/minio-go/v7)</summary> ### [`v7.0.68`](https://togithub.com/minio/minio-go/releases/tag/v7.0.68): Bugfix Release [Compare Source](https://togithub.com/minio/minio-go/compare/v7.0.67...v7.0.68) #### What's Changed - deprecate go1.17 support and move to go1.21 by [@​harshavardhana](https://togithub.com/harshavardhana) in [https://github.com/minio/minio-go/pull/1933](https://togithub.com/minio/minio-go/pull/1933) - creds: Add Expiration value by [@​vadmeste](https://togithub.com/vadmeste) in [https://github.com/minio/minio-go/pull/1936](https://togithub.com/minio/minio-go/pull/1936) - Drop seeding rand in tests by [@​ferhatelmas](https://togithub.com/ferhatelmas) in [https://github.com/minio/minio-go/pull/1934](https://togithub.com/minio/minio-go/pull/1934) - Make 520 status code retryable by [@​ferhatelmas](https://togithub.com/ferhatelmas) in [https://github.com/minio/minio-go/pull/1935](https://togithub.com/minio/minio-go/pull/1935) - Fix CVE-2022-28948 by [@​ferhatelmas](https://togithub.com/ferhatelmas) in [https://github.com/minio/minio-go/pull/1938](https://togithub.com/minio/minio-go/pull/1938) - Added valid allowed internal headers by [@​shtripat](https://togithub.com/shtripat) in [https://github.com/minio/minio-go/pull/1939](https://togithub.com/minio/minio-go/pull/1939) - x-minio-replication-encrypted-multipart as allowed header by [@​shtripat](https://togithub.com/shtripat) in [https://github.com/minio/minio-go/pull/1943](https://togithub.com/minio/minio-go/pull/1943) - Drop more rand seeding in tests by [@​ferhatelmas](https://togithub.com/ferhatelmas) in [https://github.com/minio/minio-go/pull/1942](https://togithub.com/minio/minio-go/pull/1942) #### New Contributors - [@​ferhatelmas](https://togithub.com/ferhatelmas) made their first contribution in [https://github.com/minio/minio-go/pull/1934](https://togithub.com/minio/minio-go/pull/1934) **Full Changelog**: minio/minio-go@v7.0.67...v7.0.68 </details> <details> <summary>prometheus/client_golang (github.com/prometheus/client_golang)</summary> ### [`v1.19.0`](https://togithub.com/prometheus/client_golang/releases/tag/v1.19.0) [Compare Source](https://togithub.com/prometheus/client_golang/compare/v1.18.0...v1.19.0) #### What's Changed The module `prometheus/common v0.48.0` introduced an incompatibility when used together with client_golang (See [https://github.com/prometheus/client_golang/pull/1448](https://togithub.com/prometheus/client_golang/pull/1448) for more details). If your project uses client_golang and you want to use `prometheus/common v0.48.0` or higher, please update client_golang to v1.19.0. - \[CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). [#​1445](https://togithub.com/prometheus/client_golang/issues/1445) [#​1449](https://togithub.com/prometheus/client_golang/issues/1449) - \[FEATURE] collectors: Add version collector. [#​1422](https://togithub.com/prometheus/client_golang/issues/1422) [#​1427](https://togithub.com/prometheus/client_golang/issues/1427) #### New Contributors - [@​michurin](https://togithub.com/michurin) made their first contribution in [https://github.com/prometheus/client_golang/pull/1423](https://togithub.com/prometheus/client_golang/pull/1423) - [@​kavu](https://togithub.com/kavu) made their first contribution in [https://github.com/prometheus/client_golang/pull/1445](https://togithub.com/prometheus/client_golang/pull/1445) - [@​ywwg](https://togithub.com/ywwg) made their first contribution in [https://github.com/prometheus/client_golang/pull/1448](https://togithub.com/prometheus/client_golang/pull/1448) **Full Changelog**: prometheus/client_golang@v1.18.0...v1.19.0 </details> <details> <summary>stretchr/testify (github.com/stretchr/testify)</summary> ### [`v1.9.0`](https://togithub.com/stretchr/testify/releases/tag/v1.9.0) [Compare Source](https://togithub.com/stretchr/testify/compare/v1.8.4...v1.9.0) #### What's Changed - Fix Go modules version by [@​SuperQ](https://togithub.com/SuperQ) in [https://github.com/stretchr/testify/pull/1394](https://togithub.com/stretchr/testify/pull/1394) - Document that require is not safe to call in created goroutines by [@​programmer04](https://togithub.com/programmer04) in [https://github.com/stretchr/testify/pull/1392](https://togithub.com/stretchr/testify/pull/1392) - Remove myself from MAINTAINERS.md by [@​mvdkleijn](https://togithub.com/mvdkleijn) in [https://github.com/stretchr/testify/pull/1367](https://togithub.com/stretchr/testify/pull/1367) - Correct spelling/grammar by [@​echarrod](https://togithub.com/echarrod) in [https://github.com/stretchr/testify/pull/1389](https://togithub.com/stretchr/testify/pull/1389) - docs: Update URLs in README by [@​davidjb](https://togithub.com/davidjb) in [https://github.com/stretchr/testify/pull/1349](https://togithub.com/stretchr/testify/pull/1349) - Update mockery link to Github Pages in README by [@​LandonTClipp](https://togithub.com/LandonTClipp) in [https://github.com/stretchr/testify/pull/1346](https://togithub.com/stretchr/testify/pull/1346) - docs: Fix typos in tests and comments by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/stretchr/testify/pull/1410](https://togithub.com/stretchr/testify/pull/1410) - CI: tests from go1.17 by [@​SuperQ](https://togithub.com/SuperQ) in [https://github.com/stretchr/testify/pull/1409](https://togithub.com/stretchr/testify/pull/1409) - Fix adding ? when no values passed by [@​lesichkovm](https://togithub.com/lesichkovm) in [https://github.com/stretchr/testify/pull/1320](https://togithub.com/stretchr/testify/pull/1320) - codegen: use standard header for generated files by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1406](https://togithub.com/stretchr/testify/pull/1406) - mock: AssertExpectations log reason only on failure by [@​hikyaru-suzuki](https://togithub.com/hikyaru-suzuki) in [https://github.com/stretchr/testify/pull/1360](https://togithub.com/stretchr/testify/pull/1360) - assert: fix flaky TestNeverTrue by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1417](https://togithub.com/stretchr/testify/pull/1417) - README: fix typos "set up" vs "setup" by [@​ossan-dev](https://togithub.com/ossan-dev) in [https://github.com/stretchr/testify/pull/1428](https://togithub.com/stretchr/testify/pull/1428) - mock: move regexp compilation outside of `Called` by [@​aud10slave](https://togithub.com/aud10slave) in [https://github.com/stretchr/testify/pull/631](https://togithub.com/stretchr/testify/pull/631) - assert: refactor internal func getLen() by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1445](https://togithub.com/stretchr/testify/pull/1445) - mock: deprecate type AnythingOfTypeArgument ([#​1434](https://togithub.com/stretchr/testify/issues/1434)) by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1441](https://togithub.com/stretchr/testify/pull/1441) - Remove no longer needed assert.canConvert by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/stretchr/testify/pull/1470](https://togithub.com/stretchr/testify/pull/1470) - assert: ObjectsAreEqual: use time.Equal for time.Time types by [@​tscales](https://togithub.com/tscales) in [https://github.com/stretchr/testify/pull/1464](https://togithub.com/stretchr/testify/pull/1464) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/stretchr/testify/pull/1466](https://togithub.com/stretchr/testify/pull/1466) - Bump actions/setup-go from 3.2.0 to 4.1.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/stretchr/testify/pull/1451](https://togithub.com/stretchr/testify/pull/1451) - fix: make EventuallyWithT concurrency safe by [@​czeslavo](https://togithub.com/czeslavo) in [https://github.com/stretchr/testify/pull/1395](https://togithub.com/stretchr/testify/pull/1395) - assert: fix httpCode and HTTPBody occur panic when http.Handler read Body by [@​hidu](https://togithub.com/hidu) in [https://github.com/stretchr/testify/pull/1484](https://togithub.com/stretchr/testify/pull/1484) - assert.EqualExportedValues: fix handling of arrays by [@​zrbecker](https://togithub.com/zrbecker) in [https://github.com/stretchr/testify/pull/1473](https://togithub.com/stretchr/testify/pull/1473) - .github: use latest Go versions by [@​kevinburkesegment](https://togithub.com/kevinburkesegment) in [https://github.com/stretchr/testify/pull/1489](https://togithub.com/stretchr/testify/pull/1489) - assert: Deprecate EqualExportedValues by [@​HaraldNordgren](https://togithub.com/HaraldNordgren) in [https://github.com/stretchr/testify/pull/1488](https://togithub.com/stretchr/testify/pull/1488) - suite: refactor test assertions by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/stretchr/testify/pull/1474](https://togithub.com/stretchr/testify/pull/1474) - suite: fix SetupSubTest and TearDownSubTest execution order by [@​linusbarth](https://togithub.com/linusbarth) in [https://github.com/stretchr/testify/pull/1471](https://togithub.com/stretchr/testify/pull/1471) - docs: Fix deprecation comments for http package by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/stretchr/testify/pull/1335](https://togithub.com/stretchr/testify/pull/1335) - Add map support doc comments to Subset and NotSubset by [@​jedevc](https://togithub.com/jedevc) in [https://github.com/stretchr/testify/pull/1306](https://togithub.com/stretchr/testify/pull/1306) - TestErrorIs/TestNotErrorIs: check error message contents by [@​craig65535](https://togithub.com/craig65535) in [https://github.com/stretchr/testify/pull/1435](https://togithub.com/stretchr/testify/pull/1435) - suite: fix subtest names (fix [#​1501](https://togithub.com/stretchr/testify/issues/1501)) by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1504](https://togithub.com/stretchr/testify/pull/1504) - assert: improve unsafe.Pointer tests by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1505](https://togithub.com/stretchr/testify/pull/1505) - assert: simplify isNil implementation by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1506](https://togithub.com/stretchr/testify/pull/1506) - assert.InEpsilonSlice: fix expected/actual order and other improvements by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1483](https://togithub.com/stretchr/testify/pull/1483) - Fix dependency cycle with objx [#​1292](https://togithub.com/stretchr/testify/issues/1292) by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1453](https://togithub.com/stretchr/testify/pull/1453) - mock: refactor TestIsArgsEqual by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1444](https://togithub.com/stretchr/testify/pull/1444) - mock: optimize argument matching checks by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1416](https://togithub.com/stretchr/testify/pull/1416) - assert: fix TestEventuallyTimeout by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1412](https://togithub.com/stretchr/testify/pull/1412) - CI: add go 1.21 in GitHub Actions by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1450](https://togithub.com/stretchr/testify/pull/1450) - suite: fix recoverAndFailOnPanic to report test failure at the right location by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1502](https://togithub.com/stretchr/testify/pull/1502) - Update maintainers by [@​brackendawson](https://togithub.com/brackendawson) in [https://github.com/stretchr/testify/pull/1533](https://togithub.com/stretchr/testify/pull/1533) - assert: Fix EqualValues to handle overflow/underflow by [@​arjunmahishi](https://togithub.com/arjunmahishi) in [https://github.com/stretchr/testify/pull/1531](https://togithub.com/stretchr/testify/pull/1531) - assert: better formatting for Len() error by [@​kevinburkesegment](https://togithub.com/kevinburkesegment) in [https://github.com/stretchr/testify/pull/1485](https://togithub.com/stretchr/testify/pull/1485) - Ensure AssertExpectations does not fail in skipped tests by [@​ianrose14](https://togithub.com/ianrose14) in [https://github.com/stretchr/testify/pull/1331](https://togithub.com/stretchr/testify/pull/1331) - suite: fix deadlock in suite.Require()/Assert() by [@​arjunmahishi](https://togithub.com/arjunmahishi) in [https://github.com/stretchr/testify/pull/1535](https://togithub.com/stretchr/testify/pull/1535) - Revert "assert: ObjectsAreEqual: use time.Equal for time.Time type" by [@​brackendawson](https://togithub.com/brackendawson) in [https://github.com/stretchr/testify/pull/1537](https://togithub.com/stretchr/testify/pull/1537) - \[chore] Add issue templates by [@​arjunmahishi](https://togithub.com/arjunmahishi) in [https://github.com/stretchr/testify/pull/1538](https://togithub.com/stretchr/testify/pull/1538) - Update the build status badge by [@​brackendawson](https://togithub.com/brackendawson) in [https://github.com/stretchr/testify/pull/1540](https://togithub.com/stretchr/testify/pull/1540) - Update Github workflows setup-go to V5 by [@​hendrywiranto](https://togithub.com/hendrywiranto) in [https://github.com/stretchr/testify/pull/1545](https://togithub.com/stretchr/testify/pull/1545) - Support Pointer to Struct in EqualExportedValues by [@​Lucaber](https://togithub.com/Lucaber) in [https://github.com/stretchr/testify/pull/1517](https://togithub.com/stretchr/testify/pull/1517) - README: drop link to gorc by [@​guettli](https://togithub.com/guettli) in [https://github.com/stretchr/testify/pull/1248](https://togithub.com/stretchr/testify/pull/1248) - http_assertions: honour the msgAndArgs provided with each assertion by [@​arjunmahishi](https://togithub.com/arjunmahishi) in [https://github.com/stretchr/testify/pull/1548](https://togithub.com/stretchr/testify/pull/1548) - fix typos in comments and tests by [@​ccoVeille](https://togithub.com/ccoVeille) in [https://github.com/stretchr/testify/pull/1247](https://togithub.com/stretchr/testify/pull/1247) - Include the auto-release notes in releases by [@​brackendawson](https://togithub.com/brackendawson) in [https://github.com/stretchr/testify/pull/1550](https://togithub.com/stretchr/testify/pull/1550) - Add `NotImplements` and variants by [@​hslatman](https://togithub.com/hslatman) in [https://github.com/stretchr/testify/pull/1385](https://togithub.com/stretchr/testify/pull/1385) - Add support to compare uintptr by [@​bogdandrutu](https://togithub.com/bogdandrutu) in [https://github.com/stretchr/testify/pull/1339](https://togithub.com/stretchr/testify/pull/1339) - build(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/stretchr/testify/pull/1552](https://togithub.com/stretchr/testify/pull/1552) #### New Contributors - [@​SuperQ](https://togithub.com/SuperQ) made their first contribution in [https://github.com/stretchr/testify/pull/1394](https://togithub.com/stretchr/testify/pull/1394) - [@​programmer04](https://togithub.com/programmer04) made their first contribution in [https://github.com/stretchr/testify/pull/1392](https://togithub.com/stretchr/testify/pull/1392) - [@​echarrod](https://togithub.com/echarrod) made their first contribution in [https://github.com/stretchr/testify/pull/1389](https://togithub.com/stretchr/testify/pull/1389) - [@​davidjb](https://togithub.com/davidjb) made their first contribution in [https://github.com/stretchr/testify/pull/1349](https://togithub.com/stretchr/testify/pull/1349) - [@​LandonTClipp](https://togithub.com/LandonTClipp) made their first contribution in [https://github.com/stretchr/testify/pull/1346](https://togithub.com/stretchr/testify/pull/1346) - [@​alexandear](https://togithub.com/alexandear) made their first contribution in [https://github.com/stretchr/testify/pull/1410](https://togithub.com/stretchr/testify/pull/1410) - [@​lesichkovm](https://togithub.com/lesichkovm) made their first contribution in [https://github.com/stretchr/testify/pull/1320](https://togithub.com/stretchr/testify/pull/1320) - [@​dolmen](https://togithub.com/dolmen) made their first contribution in [https://github.com/stretchr/testify/pull/1406](https://togithub.com/stretchr/testify/pull/1406) - [@​hikyaru-suzuki](https://togithub.com/hikyaru-suzuki) made their first contribution in [https://github.com/stretchr/testify/pull/1360](https://togithub.com/stretchr/testify/pull/1360) - [@​ossan-dev](https://togithub.com/ossan-dev) made their first contribution in [https://github.com/stretchr/testify/pull/1428](https://togithub.com/stretchr/testify/pull/1428) - [@​aud10slave](https://togithub.com/aud10slave) made their first contribution in [https://github.com/stretchr/testify/pull/631](https://togithub.com/stretchr/testify/pull/631) - [@​tscales](https://togithub.com/tscales) made their first contribution in [https://github.com/stretchr/testify/pull/1464](https://togithub.com/stretchr/testify/pull/1464) - [@​czeslavo](https://togithub.com/czeslavo) made their first contribution in [https://github.com/stretchr/testify/pull/1395](https://togithub.com/stretchr/testify/pull/1395) - [@​hidu](https://togithub.com/hidu) made their first contribution in [https://github.com/stretchr/testify/pull/1484](https://togithub.com/stretchr/testify/pull/1484) - [@​zrbecker](https://togithub.com/zrbecker) made their first contribution in [https://github.com/stretchr/testify/pull/1473](https://togithub.com/stretchr/testify/pull/1473) - [@​kevinburkesegment](https://togithub.com/kevinburkesegment) made their first contribution in [https://github.com/stretchr/testify/pull/1489](https://togithub.com/stretchr/testify/pull/1489) - [@​linusbarth](https://togithub.com/linusbarth) made their first contribution in [https://github.com/stretchr/testify/pull/1471](https://togithub.com/stretchr/testify/pull/1471) - [@​jedevc](https://togithub.com/jedevc) made their first contribution in [https://github.com/stretchr/testify/pull/1306](https://togithub.com/stretchr/testify/pull/1306) - [@​craig65535](https://togithub.com/craig65535) made their first contribution in [https://github.com/stretchr/testify/pull/1435](https://togithub.com/stretchr/testify/pull/1435) - [@​arjunmahishi](https://togithub.com/arjunmahishi) made their first contribution in [https://github.com/stretchr/testify/pull/1531](https://togithub.com/stretchr/testify/pull/1531) - [@​ianrose14](https://togithub.com/ianrose14) made their first contribution in [https://github.com/stretchr/testify/pull/1331](https://togithub.com/stretchr/testify/pull/1331) - [@​hendrywiranto](https://togithub.com/hendrywiranto) made their first contribution in [https://github.com/stretchr/testify/pull/1545](https://togithub.com/stretchr/testify/pull/1545) - [@​Lucaber](https://togithub.com/Lucaber) made their first contribution in [https://github.com/stretchr/testify/pull/1517](https://togithub.com/stretchr/testify/pull/1517) - [@​guettli](https://togithub.com/guettli) made their first contribution in [https://github.com/stretchr/testify/pull/1248](https://togithub.com/stretchr/testify/pull/1248) - [@​ccoVeille](https://togithub.com/ccoVeille) made their first contribution in [https://github.com/stretchr/testify/pull/1247](https://togithub.com/stretchr/testify/pull/1247) - [@​hslatman](https://togithub.com/hslatman) made their first contribution in [https://github.com/stretchr/testify/pull/1385](https://togithub.com/stretchr/testify/pull/1385) - [@​bogdandrutu](https://togithub.com/bogdandrutu) made their first contribution in [https://github.com/stretchr/testify/pull/1339](https://togithub.com/stretchr/testify/pull/1339) **Full Changelog**: stretchr/testify@v1.8.4...v1.9.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/cerbos/cerbos). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMjAuMiIsInVwZGF0ZWRJblZlciI6IjM3LjIyMC4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Multiple CVEs for PostgreSQL version 13.11
Version 13.11 is vulnerable to CVE-2023-39417, which exists in versions >= 13.0, < 13.12.
The vulnerability was found in the National Vulnerability Database (NVD) based on the CPE cpe:2.3:a:postgresql:postgresql with NVD severity: High.
The file is associated with the technology PostgreSQL.
The vulnerability can be remediated by updating PostgreSQL to 13.12 or higher.
Version 13.11 is vulnerable to CVE-2023-5869, which exists in versions >= 13.0, < 13.13.
The vulnerability was found in the National Vulnerability Database (NVD) based on the CPE cpe:2.3:a:postgresql:postgresql with NVD severity: High.
The file is associated with the technology PostgreSQL.
The vulnerability can be remediated by updating PostgreSQL to 13.13 or higher.
Version 13.11 is vulnerable to CVE-2024-0985, which exists in versions >= 13.0, < 13.14.
The vulnerability was found in the National Vulnerability Database (NVD) based on the CPE cpe:2.3:a:postgresql:postgresql with NVD severity: High.
The file is associated with the technology PostgreSQL.
The vulnerability can be remediated by updating PostgreSQL to 13.14 or higher.
closes #130