Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the backend group with 11 updates #3417

Closed
wants to merge 1 commit into from
Closed

Bump the backend group with 11 updates #3417

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 16, 2023
edited
Loading

Bumps the backend group with 11 updates:

Package From To
github.com/aquasecurity/trivy 0.42.1 0.46.0
github.com/hashicorp/golang-lru/v2 2.0.6 2.0.7
github.com/operator-framework/api 0.17.5 0.17.7
github.com/prometheus/client_golang 1.16.0 1.17.0
github.com/rs/cors 1.10.0 1.10.1
github.com/sigstore/cosign 1.5.2 1.13.1
github.com/spf13/viper 1.16.0 1.17.0
github.com/tektoncd/pipeline 0.31.4 0.52.1
golang.org/x/oauth2 0.12.0 0.13.0
google.golang.org/api 0.143.0 0.147.0
helm.sh/helm/v3 3.12.3 3.13.1

Updates github.com/aquasecurity/trivy from 0.42.1 to 0.46.0

Release notes

Sourced from github.com/aquasecurity/trivy's releases.

v0.46.0

⚡Release highlights and summary⚡

👉 aquasecurity/trivy#5377

Changelog

  • cbbd1ce1f feat(k8s): add support for vulnerability detection (#5268)
  • 24a0d9214 fix(python): override BOM in requirements.txt files (#5375)
  • 0c3e2f08b docs: add kbom documentation (#5363)
  • 6c12f0428 test: use maximize build space for VM tests (#5362)
  • c4134224a chore(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 (#5365)
  • 20ab7033b fix(report): add escaping quotes in misconfig Title for asff template (#5351)
  • 91841f59b ci: add workflow to check Go versions of dependencies (#5340)
  • 57ba05c76 chore(deps): Upgrade defsec to v0.93.1 (#5348)
  • fef3ed435 chore(deps): bump alpine from 3.18.3 to 3.18.4 (#5300)
  • ced54aced fix: Report error when os.CreateTemp fails (to be consistent with other uses) (#5342)
  • 2798df916 fix: add config files to FS for post-analyzers (#5333)
  • af485b33f fix: fix MIME warnings after updating to Go 1.20 (#5336)
  • 008babfb8 build: fix a compile error with Go 1.21 (#5339)
  • 00d9c4666 feat: added Metadata into the k8s resource's scan report (#5322)
  • 03b6787c4 ci: check only PR's in actions/stale (#5337)
  • e6d5889ed chore: update adopters template (#5330)
  • 74dbd8a1f ci: do not trigger tests on the push event (#5313)
  • 393bfdc1a fix(sbom): use PURL or Group and Name in case of Java (#5154)
  • 76eb8a57b docs: add buildkite repository to ecosystem page (#5316)
  • 6c74ee11f chore(deps): bump docker/setup-qemu-action from 2 to 3 (#5290)
  • 6119878de chore(deps): bump docker/setup-buildx-action from 2 to 3 (#5292)
  • a346587b8 chore(deps): bump actions/cache from 3.3.1 to 3.3.2 (#5293)
  • 7e613cc5f chore(deps): bump github.com/google/uuid from 1.3.0 to 1.3.1 (#5286)
  • f05bc4be4 chore(deps): bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.2 (#5289)
  • 3be5e6b24 chore: enable go-critic (#5302)
  • f6cd21c87 chore(deps): bump actions/checkout from 3.6.0 to 4.1.0 (#5288)
  • f7b975187 chore(deps): bump github.com/aws/aws-sdk-go from 1.45.3 to 1.45.19 (#5287)
  • 18d168769 close java-db client (#5273)
  • eb60e9f3c chore(deps): bump docker/login-action from 2 to 3 (#5291)
  • 5a92055e1 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts (#5294)
  • 46afe65ee chore(deps): bump github.com/sigstore/rekor from 1.2.1 to 1.3.0 (#5304)
  • 0bf2a11a2 chore(deps): bump github.com/opencontainers/image-spec (#5295)
  • 23b5fece0 fix(report): removes git::http from uri in sarif (#5244)
  • 4f1d576e5 Improve the meaning of sentence (#5301)
  • 6ab2bdfa7 chore(deps): bump github.com/owenrumney/go-sarif/v2 from 2.2.0 to 2.2.2 (#5297)
  • 4217cffb5 chore(deps): bump golang.org/x/term from 0.11.0 to 0.12.0 (#5296)
  • 184058470 add app nil check (#5274)
  • c5ae9f265 typo: in secret.md (#5281)
  • 562723f0a docs: add info about github format (#5265)
  • 3dd5b1e94 feat(dotnet): add license support for NuGet (#5217)
  • 5c18475f3 docs: correctly export variables (#5260)
  • 0c08dde01 chore: Add line numbers for lint output (#5247)
  • 0ccbb4f7f chore(cli): disable java-db flags in server mode (#5263)
  • 908a4914c feat(db): allow passing registry options (#5226)

... (truncated)

Commits
  • cbbd1ce feat(k8s): add support for vulnerability detection (#5268)
  • 24a0d92 fix(python): override BOM in requirements.txt files (#5375)
  • 0c3e2f0 docs: add kbom documentation (#5363)
  • 6c12f04 test: use maximize build space for VM tests (#5362)
  • c413422 chore(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 (#5365)
  • 20ab703 fix(report): add escaping quotes in misconfig Title for asff template (#5351)
  • 91841f5 ci: add workflow to check Go versions of dependencies (#5340)
  • 57ba05c chore(deps): Upgrade defsec to v0.93.1 (#5348)
  • fef3ed4 chore(deps): bump alpine from 3.18.3 to 3.18.4 (#5300)
  • ced54ac fix: Report error when os.CreateTemp fails (to be consistent with other uses)...
  • Additional commits viewable in compare view

Updates github.com/hashicorp/golang-lru/v2 from 2.0.6 to 2.0.7

Release notes

Sourced from github.com/hashicorp/golang-lru/v2's releases.

golang-lru 2.0.7

What's Changed

New Contributors

Full Changelog: hashicorp/golang-lru@v2.0.6...v2.0.7

Commits
  • d851586 add a Resize method to 2Q
  • d46c1d9 expirable LRU: fix so that Get/Peek cannot return an ok and empty value (#156)
  • 56a2dc0 Update arc to base package v2.0.6
  • See full diff in compare view

Updates github.com/operator-framework/api from 0.17.5 to 0.17.7

Release notes

Sourced from github.com/operator-framework/api's releases.

v0.17.7

What's Changed

New Contributors

Full Changelog: operator-framework/api@v0.17.6...v0.17.7

v0.17.6

What's Changed

New Contributors

Full Changelog: operator-framework/api@v0.17.5...v0.17.6

Commits

Updates github.com/prometheus/client_golang from 1.16.0 to 1.17.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.17.0

What's Changed

  • [CHANGE] Minimum required go version is now 1.19 (we also test client_golang against new 1.21 version). #1325
  • [FEATURE] Add support for Created Timestamps in Counters, Summaries and Historams. #1313
  • [ENHANCEMENT] Enable detection of a native histogram without observations. #1314

New Contributors

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.17.0 / 2023-09-27

  • [CHANGE] Minimum required go version is now 1.19 (we also test client_golang against new 1.21 version). #1325
  • [FEATURE] Add support for Created Timestamps in Counters, Summaries and Historams. #1313
  • [ENHANCEMENT] Enable detection of a native histogram without observations. #1314
Commits
  • fa1408e Merge pull request #1352 from prometheus/arthursens/cut-1.17.0
  • 24a72b8 Add changelog entry for 1.17
  • 1bae6c1 Deprecated comment should begin with "Deprecated:" (#1347)
  • bbab8fe Fix typos in comments, tests, and errors (#1346)
  • df7fa49 Extend Counters, Summaries and Histograms with creation timestamp (#1313)
  • 74cc262 Add go_godebug_non_default_behavior_tlsmaxrsasize_events_total (#1348)
  • d03abf3 Cleanup golangci-lint errcheck (#1339)
  • ca6ba04 Update common Prometheus files (#1338)
  • 51d24f8 Update common Prometheus files (#1332)
  • c17edf0 Merge pull request #1304 from prometheus/dependabot/go_modules/google.golang....
  • Additional commits viewable in compare view

Updates github.com/rs/cors from 1.10.0 to 1.10.1

Commits

Updates github.com/sigstore/cosign from 1.5.2 to 1.13.1

Release notes

Sourced from github.com/sigstore/cosign's releases.

v1.13.1

What's Changed

New Contributors

Full Changelog: sigstore/cosign@v1.13.0...v1.13.1

v1.13.0

Highlights

  • For users who have deployed a private instance of Fulcio release v0.6.x and issue certificates with the Username identity, you will need to upgrade to use this version."

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from github.com/sigstore/cosign's changelog.

v1.13.1

Enhancements

  • verify-blob-attestation: allow multiple subjects in in_toto attestation (#2341)
  • Add verify-blob-attestation command and tests (#2337)
  • Add --output-attestation flag to attest-blob and remove experimental signing (#2332)
  • Add attest-blob command (#2286)
  • Add '--cert-identity' flag to support subject alternate names for ver… (#2278)
  • Update Dockerfile section of README (#2323)

Bug Fixes

  • Update warning when users sign images by tag. (#2313)

Others

  • Remove experimental flags from attest-blob and refactor (#2338)

Contributors

  • Alex Cameron
  • Ville Aikas
  • Zack Newman
  • asraa
  • kpk47
  • priyawadhwa

v1.13.0

Highlights

  • For users who have deployed a private instance of Fulcio release v0.6.x and issue certificates with the Username identity, you will need to upgrade to use this version."

Enhancements

Bug Fixes

Others

Contributors

... (truncated)

Commits
  • d1c6336 Add CHANGELOG for v1.13.1 (#2349)
  • e79cb5c chore(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 (#2326)
  • eba132f chore(deps): bump github.com/go-openapi/runtime from 0.24.1 to 0.24.2 (#2347)
  • 2860144 chore(deps): bump google.golang.org/api from 0.98.0 to 0.99.0 (#2348)
  • ef9cf9d chore(deps): bump google-github-actions/setup-gcloud from 0.6.1 to 0.6.2 (#2344)
  • fc83e43 chore(deps): bump google-github-actions/auth from 0.8.2 to 0.8.3 (#2343)
  • e652561 chore(deps): bump google-github-actions/setup-gcloud from 0.6.0 to 0.6.1 (#2340)
  • d637a3b verify-blob-attestation: allow multiple subjects in in_toto attestation (#2341)
  • a7ad7e7 Nits for #2337 (#2342)
  • 797033c Add verify-blob-attestation command and tests (#2337)
  • Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.16.0 to 1.17.0

Release notes

Sourced from github.com/spf13/viper's releases.

v1.17.0

Major changes

Highlighting some of the changes for better visibility.

Please share your feedback in the Discussion forum. Thanks! ❤️

Minimum Go version: 1.19

Viper now requires Go 1.19

This change ensures we can stay up to date with modern practices and dependencies.

log/slog support [BREAKING]

Viper v1.11.0 added an experimental Logger interface to allow custom implementations (besides jwalterweatherman).

In addition, it also exposed an experimental WithLogger function allowing to set a custom logger.

This release deprecates that interface in favor of log/slog released in Go 1.21.

[!WARNING] WithLogger accepts an *slog.Logger from now on.

To preserve backwards compatibility with older Go versions, prior to Go 1.21 Viper accepts a *golang.org/x/exp/slog.Logger.

The experimental flag is removed.

New finder implementation [BREAKING]

As of this release, Viper uses a new library to look for files, called locafero.

The new library is better covered by tests and has been built from scratch as a general purpose file finder library.

The implementation is experimental and is hidden behind a finder build tag.

[!WARNING] The io/fs based implementation (that used to be hidden behind a finder build tag) has been removed.

What's Changed

Exciting New Features 🎉

Enhancements 🚀

... (truncated)

Commits
  • f62f86a refactor: make use of strings.Cut
  • 94632fa chore: Use pip3 explicitly to install yamllint
  • 3f6cadc chore: Fix copy-paste error for yamllint target
  • 287507c docs: add set subset KV example
  • f1cb226 chore(deps): update crypt
  • c292b55 test: refactor asserts
  • 3d006fe refactor: replace interface{} with any
  • 8a6dc5d build(deps): bump github/codeql-action from 2.21.8 to 2.21.9
  • 96c5c00 chore: remove deprecated build tags
  • 44911d2 build(deps): bump github/codeql-action from 2.21.7 to 2.21.8
  • Additional commits viewable in compare view

Updates github.com/tektoncd/pipeline from 0.31.4 to 0.52.1

Release notes

Sourced from github.com/tektoncd/pipeline's releases.

Tekton Pipeline release v0.52.1 "California Spangled Optimus"

-Docs @ v0.52.1 -Examples @ v0.52.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.52.1/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.52.1/release.yaml
REKOR_UUID=24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825
Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.52.1@sha256:" + .digest.sha256')
Download the release file
curl "$RELEASE_FILE" > release.yaml
For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Fixes

  • 🐛 [release-v0.52.x] Regression: fix results with out of order tasks (#7174)

Fix regression where a different order of task definition may cause result resolution to break

... (truncated)

Changelog

Sourced from github.com/tektoncd/pipeline's changelog.

Tekton Pipeline Releases

Release Frequency

Tekton Pipelines follows the Tekton community [release policy][release-policy] as follows:

  • Versions are numbered according to semantic versioning: vX.Y.Z
  • A new release is produced on a monthly basis
  • Four releases a year are chosen for long term support (LTS). All remaining releases are supported for approximately 1 month (until the next release is produced)
    • LTS releases take place in January, April, July and October every year
    • The first Tekton Pipelines LTS release will be v0.41.0 in October 2022
    • Releases happen towards the middle of the month, between the 13th and the 20th, depending on week-ends and readiness

Tekton Pipelines produces nightly builds, publicly available on gcr.io/tekton-nightly.

Transition Process

Before release v0.41 Tekton Pipelines has worked on the basis of an undocumented support period of four months, which will be maintained for the releases between v0.37 and v0.40.

Release Process

Tekton Pipeline releases are made of YAML manifests and container images. Manifests are published to cloud object-storage as well as [GitHub][tekton-pipeline-releases]. Container images are signed by [Sigstore][sigstore] via [Tekton Chains][tekton-chains]; signatures can be verified through the [public key][chains-public-key] hosted by the Tekton Chains project.

Further documentation available:

  • The Tekton Pipeline [release process][tekton-releases-docs]
  • [Installing Tekton][tekton-installation]
  • Standard for [release notes][release-notes-standards]

Release

v0.52

  • Latest Release: [v0.52.0][v0.52-0] (2023-09-20) ([docs][v0.52-0-docs], [examples][v0.52-0-examples])
  • Initial Release: [v0.52.0][v0.52-0] (2023-09-20)
  • Estimated End of Life: 2023-10-20
  • Patch Releases: [v0.52.0][v0.52-0]

... (truncated)

Commits
  • e7b5e58 Regression: fix results with out of order tasks
  • feb943c Bump github.com/jenkins-x/go-scm from 1.13.13 to 1.14.14
  • 6364191 fix: clean results when taskrun retries
  • 503cc3d Bump google.golang.org/grpc from 1.56.2 to 1.58.1
  • 3076240 fix 6093 task results not replaced with their values in childReferences
  • 3835c75 Bump github.com/sigstore/sigstore from 1.7.1 to 1.7.3
  • a41fafe Bump github.com/spiffe/spire-api-sdk from 1.7.1 to 1.7.2
  • 44e1707 Bump github.com/containerd/containerd from 1.7.3 to 1.7.6
  • d783556 Remove results annotations filtering
  • f27f333 Bump google.golang.org/protobuf from 1.30.0 to 1.31.0
  • Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.12.0 to 0.13.0

Commits
  • 3c5dbf0 go.mod: update golang.org/x dependencies
  • 11625cc google: add authorized_user conditional to Credentials.UniverseDomain
  • 8d6d45b google: add Credentials.UniverseDomain to support TPC
  • 43b6a7b google: adding support for external account authorized user
  • 14b275c oauth2: workaround misspelling of verification_uri
  • 18352fc google/internal/externalaccount: adding BYOID Metrics
  • 9095a51 oauth2: clarify error if endpoint missing DeviceAuthURL
  • 2d9e4a2 oauth2/google: remove meta validations for aws external credentials
  • 55cd552 oauth2: support PKCE
  • e3fb0fb oauth2: support device flow
  • See full diff in compare view

Updates google.golang.org/api from 0.143.0 to 0.147.0

Release notes

Sourced from google.golang.org/api's releases.

v0.147.0

0.147.0 (2023-10-12)

Features

v0.146.0

0.146.0 (2023-10-08)

Features

v0.145.0

0.145.0 (2023-10-05)

Features

v0.144.0

0.144.0 (2023-10-04)

Features

  • all: Auto-regenerate discovery clients (#2187) (65ec288)
  • all: Auto-regenerate discovery clients (#2189) (ec24c23)
  • all: Auto-regenerate discovery clients (#2190) (f930302)
  • all: Auto-regenerate discovery clients (#2191) (0132460)
  • all: Auto-regenerate discovery clients (#2192) (8a3eb9b)
  • all: Auto-regenerate discovery clients (#2193) (

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 16, 2023
This was referenced Oct 16, 2023
Closed
Closed
Closed
@dependabot
Bump the backend group with 11 updates
fa41698 
Bumps the backend group with 11 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) | `0.42.1` | `0.46.0` |
| [github.com/hashicorp/golang-lru/v2](https://github.com/hashicorp/golang-lru) | `2.0.6` | `2.0.7` |
| [github.com/operator-framework/api](https://github.com/operator-framework/api) | `0.17.5` | `0.17.7` |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.16.0` | `1.17.0` |
| [github.com/rs/cors](https://github.com/rs/cors) | `1.10.0` | `1.10.1` |
| [github.com/sigstore/cosign](https://github.com/sigstore/cosign) | `1.5.2` | `1.13.1` |
| [github.com/spf13/viper](https://github.com/spf13/viper) | `1.16.0` | `1.17.0` |
| [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) | `0.31.4` | `0.52.1` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.12.0` | `0.13.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.143.0` | `0.147.0` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.12.3` | `3.13.1` |


Updates `github.com/aquasecurity/trivy` from 0.42.1 to 0.46.0
- [Release notes](https://github.com/aquasecurity/trivy/releases)
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml)
- [Commits](aquasecurity/trivy@v0.42.1...v0.46.0)

Updates `github.com/hashicorp/golang-lru/v2` from 2.0.6 to 2.0.7
- [Release notes](https://github.com/hashicorp/golang-lru/releases)
- [Commits](hashicorp/golang-lru@v2.0.6...v2.0.7)

Updates `github.com/operator-framework/api` from 0.17.5 to 0.17.7
- [Release notes](https://github.com/operator-framework/api/releases)
- [Changelog](https://github.com/operator-framework/api/blob/master/RELEASE.md)
- [Commits](operator-framework/api@v0.17.5...v0.17.7)

Updates `github.com/prometheus/client_golang` from 1.16.0 to 1.17.0
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.16.0...v1.17.0)

Updates `github.com/rs/cors` from 1.10.0 to 1.10.1
- [Release notes](https://github.com/rs/cors/releases)
- [Commits](rs/cors@v1.10.0...v1.10.1)

Updates `github.com/sigstore/cosign` from 1.5.2 to 1.13.1
- [Release notes](https://github.com/sigstore/cosign/releases)
- [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md)
- [Commits](sigstore/cosign@v1.5.2...v1.13.1)

Updates `github.com/spf13/viper` from 1.16.0 to 1.17.0
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](spf13/viper@v1.16.0...v1.17.0)

Updates `github.com/tektoncd/pipeline` from 0.31.4 to 0.52.1
- [Release notes](https://github.com/tektoncd/pipeline/releases)
- [Changelog](https://github.com/tektoncd/pipeline/blob/main/releases.md)
- [Commits](tektoncd/pipeline@v0.31.4...v0.52.1)

Updates `golang.org/x/oauth2` from 0.12.0 to 0.13.0
- [Commits](golang/oauth2@v0.12.0...v0.13.0)

Updates `google.golang.org/api` from 0.143.0 to 0.147.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.143.0...v0.147.0)

Updates `helm.sh/helm/v3` from 3.12.3 to 3.13.1
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.12.3...v3.13.1)

---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: github.com/hashicorp/golang-lru/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: backend
- dependency-name: github.com/operator-framework/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: backend
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: backend
- dependency-name: github.com/sigstore/cosign
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: github.com/tektoncd/pipeline
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/backend-2c51a1f627 branch from bb426ff to fa41698 Compare October 17, 2023 08:51
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 17, 2023

Looks like these dependencies are up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Oct 17, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/backend-2c51a1f627 branch October 17, 2023 12:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants