build(deps): bump the go-deps group across 1 directory with 9 updates #1658
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the go-deps group with 8 updates in the / directory:
0.3.2
0.3.4
5.5.0
5.6.0
7.0.77
7.0.80
1.34.2
1.35.1
1.20.4
1.20.5
2.4.0
2.4.1
1.8.9
1.8.10
0.198.0
0.204.0
Updates
github.com/cyphar/filepath-securejoin
from 0.3.2 to 0.3.4Release notes
Sourced from github.com/cyphar/filepath-securejoin's releases.
Changelog
Sourced from github.com/cyphar/filepath-securejoin's changelog.
Commits
fd16ade
VERSION: release v0.3.400e0710
godoc: update package documentation0cd6be1
README: fix reference to open_tree kernel requirements205046f
README: add pkg.go.dev badgeecb1b8e
tests: procfs: clean up mock test hook3ec6eed
CHANGELOG: mention #32 fix86e6182
merge #32 into cyphar/filepath-securejoin:main6864912
Isolate the testing import in test code4348fee
openat: remove unused functiond0c7d67
merge #31 into cyphar/filepath-securejoin:mainUpdates
github.com/go-git/go-billy/v5
from 5.5.0 to 5.6.0Release notes
Sourced from github.com/go-git/go-billy/v5's releases.
Commits
371e232
Merge pull request #85 from go-git/dependabot/github_actions/github/codeql-ac...5087c4c
build: bump github/codeql-action from 3.26.10 to 3.26.115f263c9
Merge pull request #84 from go-git/dependabot/github_actions/github/codeql-ac...18ec098
build: bump github/codeql-action from 3.26.8 to 3.26.10c1ee0b9
Merge pull request #81 from evankanderson/iofsb50bc97
Rename Wrap to New9745bbb
Merge pull request #83 from go-git/dependabot/github_actions/github/codeql-ac...d864d47
build: bump github/codeql-action from 3.26.7 to 3.26.8b8c5b1b
Prevent test failures on Windows, address feedback from pjbgf28f6c49
Fix test handling on go < 1.23Updates
github.com/minio/minio-go/v7
from 7.0.77 to 7.0.80Release notes
Sourced from github.com/minio/minio-go/v7's releases.
Commits
df2a8f5
retry: make max retries configurable (#2013)22d521d
Add support for AllVersionsExpiration ilm rule (#2014)13faa64
Update version to next release9f2a600
only retry multi-part upload as single-part upload on GCS endpoints (#2012)499781c
Update remove bucket replication reference (#2006)a53a7a7
Update version to next release95a7dde
add=
character to tag validation regex (#2008)c925075
update dependencies (#2010)a506e3d
Addcredentials.WithPolicy
method to narrow down policy (#2007)cca4103
add a non-TLS test (#2005)Updates
github.com/onsi/gomega
from 1.34.2 to 1.35.1Release notes
Sourced from github.com/onsi/gomega's releases.
Changelog
Sourced from github.com/onsi/gomega's changelog.
Commits
9f5a208
v1.35.1ca36da1
Export EnforceDefaultTimeoutsWhenUsingContexts and DisableDefaultTimeoutsWhen...d6331f9
v1.35.05deaf23
fix tests, but like actually this timeeeca931
Add Successfully() to StopTrying() to signal that Consistently can end early ...3bdbc4e
stop memoizing result of HaveFielde35358d
sheepishly fix broken test. thanks CI1b717d7
grrr. go mod tidya05a416
bump all dependenciese4c4265
Add EnforceDefaultTimeoutsWhenUsingContexts()Updates
github.com/prometheus/client_golang
from 1.20.4 to 1.20.5Release notes
Sourced from github.com/prometheus/client_golang's releases.
Changelog
Sourced from github.com/prometheus/client_golang's changelog.
Commits
48e12a1
Merge pull request #1645 from prometheus/cut-1204-pr1424504ad9b
Cut 1.20.5; update comments.584a7ce
Revert "testutil compareMetricFamilies: make less error-prone (#1424)"Updates
github.com/sigstore/cosign/v2
from 2.4.0 to 2.4.1Release notes
Sourced from github.com/sigstore/cosign/v2's releases.
Changelog
Sourced from github.com/sigstore/cosign/v2's changelog.
Commits
9a4cfe1
update changelog for v2.4.1 (#3896)0bd0d91
chore(deps): bump actions/checkout in the actions group (#3893)66af64e
chore(deps): bump github.com/theupdateframework/go-tuf/v2 (#3895)677a262
bump scaffolding release to v0.7.11 (#3887)77f71e0
Update README.md (#3886)4393313
Fix bug in attest-blob when using a timestamp authority with new bundles (#3877)081dea1
fix: documentation link for installation guide (#3884)780780b
chore(deps): bump github.com/xanzy/go-gitlab from 0.108.0 to 0.109.0 (#3867)dee0b23
chore(deps): bump github.com/buildkite/agent/v3 from 3.79.0 to 3.81.0 (#3874)4ffbf5f
update to use go1.22.7 and golangci-lint (#3864)Updates
github.com/sigstore/sigstore
from 1.8.9 to 1.8.10Release notes
Sourced from github.com/sigstore/sigstore's releases.
Commits
305ff9e
bump to go 1.22.8 (#1865)d88a949
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity (#1860)cfde863
build(deps): Bump the gomod group across 1 directory with 3 updates (#1859)e928a84
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azcore (#1861)66f05db
build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1862)f0978ed
build(deps): Bump the all group with 2 updates (#1863)9398b12
build(deps): Bump the all group in /test/e2e with 2 updates (#1864)bd8ee68
Mark TUF client as deprecated (#1858)c59dfa0
build(deps): Bump golang.org/x/crypto from 0.25.0 to 0.28.0 (#1852)bde3e53
build(deps): Bump golang.org/x/term from 0.22.0 to 0.25.0 (#1851)Updates
golang.org/x/crypto
from 0.27.0 to 0.28.0Commits
adef4cc
go.mod: update golang.org/x dependenciesa0819fb
sha3: fix cSHAKE initialization for extremely large N and or S42ee18b
ssh: return ServerAuthError after too many auth failures9e92970
bn256: add missing symbols in commentUpdates
google.golang.org/api
from 0.198.0 to 0.204.0Release notes
Sourced from google.golang.org/api's releases.
... (truncated)
Changelog
Sourced from google.golang.org/api's changelog.
... (truncated)
Commits
bcf1580
chore(main): release 0.204.0 (#2838)c67e7c0
fix(transport/grpc): pass through cert source to new auth lib (#2840)29e20f6
docs: mark WithUniverseDomain as stable (#2847)4b4eacf
chore: bump auth deps (#2851)7955ec4
feat(all): auto-regenerate discovery clients (#2850)5bc448d
feat(all): auto-regenerate discovery clients (#2848)9d5f008
feat(all): auto-regenerate discovery clients (#2845)48dda95
chore(all): update all to 324edc3 (#2843)56c5ddb
feat(all): auto-regenerate discovery clients (#2844)7221d2c
feat(all): auto-regenerate discovery clients (#2842)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditions