build(deps): bump the go-deps group across 1 directory with 6 updates #1598

dependabot · 2024-08-28T07:17:28Z

Bumps the go-deps group with 6 updates in the / directory:

Package	From	To
github.com/Masterminds/semver/v3	`3.2.1`	`3.3.0`
github.com/minio/minio-go/v7	`7.0.75`	`7.0.76`
github.com/notaryproject/notation-core-go	`1.0.3`	`1.1.0`
github.com/notaryproject/notation-go	`1.1.1`	`1.2.0`
github.com/prometheus/client_golang	`1.20.0`	`1.20.2`
google.golang.org/api	`0.190.0`	`0.194.0`

Updates github.com/Masterminds/semver/v3 from 3.2.1 to 3.3.0

Release notes

Sourced from github.com/Masterminds/semver/v3's releases.

v3.3.0

What's Changed

Fix: bad package in README by @sdelicata in Masterminds/semver#226

Updating the GitHub Actions and versions of Go used by @mattfarina in Masterminds/semver#229

Fix spelling in README by @robinschneider in Masterminds/semver#222

Adding go build cache to fuzz output by @mattfarina in Masterminds/semver#232

Add caching to fuzz testing by @mattfarina in Masterminds/semver#234

updating github actions by @mattfarina in Masterminds/semver#235

feat: nil version equality by @KnutZuidema in Masterminds/semver#213

add >= and <= by @grosser in Masterminds/semver#238

doc: hyphen range constraint without whitespace by @johnnychen94 in Masterminds/semver#216

Removing reference to vert by @mattfarina in Masterminds/semver#245

simplify StrictNewVersion by @grosser in Masterminds/semver#241

Updating the testing version of Go used by @mattfarina in Masterminds/semver#246

bumping min version in go.mod based on what's tested by @mattfarina in Masterminds/semver#248

Updating changelog for 3.3.0 by @mattfarina in Masterminds/semver#249

New Contributors

@sdelicata made their first contribution in Masterminds/semver#226

@robinschneider made their first contribution in Masterminds/semver#222

@KnutZuidema made their first contribution in Masterminds/semver#213

@grosser made their first contribution in Masterminds/semver#238

@johnnychen94 made their first contribution in Masterminds/semver#216

Full Changelog: Masterminds/semver@v3.2.1...v3.3.0

Changelog

Sourced from github.com/Masterminds/semver/v3's changelog.

3.3.0 (2024-08-27)

Added

#238: Add LessThanEqual and GreaterThanEqual functions (thanks @grosser)

#213: nil version equality checking (thanks @KnutZuidema)

Changed

#241: Simplify StrictNewVersion parsing (thanks @grosser)

Testing support up through Go 1.23

Minimum version set to 1.21 as this is what's tested now

Fuzz testing now supports caching

Commits

e6e3d4d Merge pull request #249 from mattfarina/update-changelog-3.3.0
e80c4ea Updating changelog for 3.3.0
80427ad Merge pull request #248 from mattfarina/bump-min-version
b610837 bumping min version in go.mod based on what's tested
a4cccd8 Merge pull request #246 from mattfarina/bump-go-1.23
7c178cf Updating the testing version of Go used
29f94c1 Merge pull request #241 from grosser/grosser/validate
2cf1b16 Merge pull request #245 from mattfarina/remove-vert
b55476a Removing reference to vert
d07450b simplify StrictNewVersion
Additional commits viewable in compare view

Updates github.com/minio/minio-go/v7 from 7.0.75 to 7.0.76

Release notes

Sourced from github.com/minio/minio-go/v7's releases.

Bugfix Release

What's Changed

Adjust functional tests for bucket cors, to detect NotImplemented response via logError by @marktheunissen in minio/minio-go#1989

Add configurable auto-checksum by @klauspost in minio/minio-go#1990

Full Changelog: minio/minio-go@v7.0.75...v7.0.76

Commits

e634c81 upgrade deps
21381fc Add configurable auto-checksum (#1990)
e337e77 Adjust functional tests for bucket cors, to detect NotImplemented response vi...
f755095 Update version to next release
See full diff in compare view

Updates github.com/notaryproject/notation-core-go from 1.0.3 to 1.1.0

Release notes

Sourced from github.com/notaryproject/notation-core-go's releases.

v1.1.0

Vote PASSED [+4 -0]: #225

What's Changed

build(deps): bump golang.org/x/crypto from 0.25.0 to 0.26.0 by @dependabot in notaryproject/notation-core-go#219

bump: bump up golang to v1.22 by @JeyJeyGao in notaryproject/notation-core-go#224

Full Changelog: notaryproject/notation-core-go@v1.1.0-rc.1...v1.1.0

v1.1.0-rc.1

Vote PASSED [+5 -0]: #218

What's Changed

build(deps): bump github.com/notaryproject/tspclient-go from 0.0.0-20240702050734-d91848411058 to 0.1.0 by @dependabot in notaryproject/notation-core-go#212

refactor!: update revocation by @Two-Hearts in notaryproject/notation-core-go#215

bump: bump up tspclient-go by @Two-Hearts in notaryproject/notation-core-go#217

Full Changelog: notaryproject/notation-core-go@v1.1.0-beta.1...v1.1.0-rc.1

v1.1.0-beta.1

Vote PASSED [+4 -0]: #213

What's Changed

build(deps): bump github.com/fxamacker/cbor/v2 from 2.6.0 to 2.7.0 by @dependabot in notaryproject/notation-core-go#208

build(deps): bump golang.org/x/crypto from 0.23.0 to 0.24.0 by @dependabot in notaryproject/notation-core-go#206

fix(ci): pass CODECOV_TOKEN to reusable-build.yml by @JeyJeyGao in notaryproject/notation-core-go#209

feat: Timestamp by @Two-Hearts in notaryproject/notation-core-go#207

build(deps): bump golang.org/x/crypto from 0.24.0 to 0.25.0 by @dependabot in notaryproject/notation-core-go#210

fix: fix signerInfo.authenticSigningTime according to spec by @Two-Hearts in notaryproject/notation-core-go#211

Full Changelog: notaryproject/notation-core-go@v1.0.3...v1.1.0-beta.1

Commits

55e3568 bump: bump up golang to v1.22 (#224)
235910b build(deps): bump golang.org/x/crypto from 0.25.0 to 0.26.0 (#219)
453a5eb bump: bump up tspclient-go (#217)
004b86d refactor!: update revocation (#215)
45dcf46 build(deps): bump github.com/notaryproject/tspclient-go from 0.0.0-2024070205...
f45197c fix: fix signerInfo.authenticSigningTime according to spec (#211)
e18808c build(deps): bump golang.org/x/crypto from 0.24.0 to 0.25.0 (#210)
faac9b7 feat: Timestamp (#207)
a1c0af6 fix(ci): pass CODECOV_TOKEN to reusable-build.yml (#209)
c85a3d9 build(deps): bump golang.org/x/crypto from 0.23.0 to 0.24.0 (#206)
Additional commits viewable in compare view

Updates github.com/notaryproject/notation-go from 1.1.1 to 1.2.0

Release notes

Sourced from github.com/notaryproject/notation-go's releases.

v1.2.0

Vote PASSED [+4 -0]: #445

What's Changed

bump: bump up for v1.2.0 release by @Two-Hearts in notaryproject/notation-go#442

Full Changelog: notaryproject/notation-go@v1.2.0-rc.1...v1.2.0

v1.2.0-rc.1

Vote PASSED [+4 -0]: #439

What's Changed

fix: improve error message for plugin by @JeyJeyGao in notaryproject/notation-go#406

feat: support distinguished name state(S) by @JeyJeyGao in notaryproject/notation-go#432

refactor!: update revocation based on notation-core-go by @Two-Hearts in notaryproject/notation-go#429

refactor!: remove blob sign/verify related code by @Two-Hearts in notaryproject/notation-go#437

Full Changelog: notaryproject/notation-go@v1.2.0-beta.1...v1.2.0-rc.1

v1.2.0-beta.1

Vote PASSED [+4 -0]: #427

What's Changed

fix: update error message by @JeyJeyGao in notaryproject/notation-go#380

bump: bump up oras-go and image-spec by @Two-Hearts in notaryproject/notation-go#381

chore: start using plugin-framework package by @priteshbandi in notaryproject/notation-go#372

build(deps): bump golang.org/x/crypto from 0.18.0 to 0.19.0 by @dependabot in notaryproject/notation-go#383

build(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc6 to 1.1.0 by @dependabot in notaryproject/notation-go#385

build(deps): bump golang.org/x/mod from 0.14.0 to 0.15.0 by @dependabot in notaryproject/notation-go#384

chore: updated/added deprecation message by @priteshbandi in notaryproject/notation-go#382

build(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 by @dependabot in notaryproject/notation-go#387

feat: add support for signing blob by @priteshbandi in notaryproject/notation-go#379

chore: add GitHub action for stale issues and PRs by @yizha1 in notaryproject/notation-go#365

build(deps): bump golang.org/x/crypto from 0.20.0 to 0.21.0 by @dependabot in notaryproject/notation-go#389

build(deps): bump golang.org/x/mod from 0.15.0 to 0.16.0 by @dependabot in notaryproject/notation-go#388

fix: Add contract version to plugin sign request and plugin verify request by @priteshbandi in notaryproject/notation-go#390

bump: bump golang and dependency versions by @Two-Hearts in notaryproject/notation-go#392

build(deps): bump actions/stale from 8 to 9 by @dependabot in notaryproject/notation-go#391

Moved org maintainers to emeritus by @toddysm in notaryproject/notation-go#393

build(deps): bump golang.org/x/mod from 0.16.0 to 0.17.0 by @dependabot in notaryproject/notation-go#397

build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.6 to 3.4.7 by @dependabot in notaryproject/notation-go#395

build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.7 to 3.4.8 by @dependabot in notaryproject/notation-go#399

build(deps): bump golang.org/x/crypto from 0.21.0 to 0.22.0 by @dependabot in notaryproject/notation-go#396

build(deps): bump golang.org/x/crypto from 0.22.0 to 0.23.0 by @dependabot in notaryproject/notation-go#403

test: improve test coverage to 80% by @JeyJeyGao in notaryproject/notation-go#405

fix: error message for dangling reference index by @JeyJeyGao in notaryproject/notation-go#402

bump: bump up notation-core-go v1.0.3 by @JeyJeyGao in notaryproject/notation-go#407

ci: enable ci for release branch by @JeyJeyGao in notaryproject/notation-go#409

... (truncated)

Commits

a6ca9ee bump: release v1.2.0
7260694 bump: bump up for v1.2.0 release (#442)
a83c5be refactor!: remove blob sign/verify related code (#437)
3c5a659 refactor!: update revocation based on notation-core-go (#429)
c3b2f51 feat: support distinguished name state(S) (#432)
09e32d7 fix: improve error message for plugin (#406)
b3b8cbe bump: bump up notation-core-go (#426)
8340920 fix: fix usage of SignerInfo.AuthenticSigningTime (#424)
8ada12a chore: fix logs (#417)
b525831 feat: Timestamp (#418)
Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.20.0 to 1.20.2

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.2

[BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

v1.20.1

This release contains the critical fix for the issue. Thanks to @geberl, @CubicrootXYZ, @zetaab and @timofurrer for helping us with the investigation!

[BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on Linux machines. #1587

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.20.2 / 2024-08-23

[BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

1.20.1 / 2024-08-20

[BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on linux machines. #1587

Commits

67121dc Merge pull request #1596 from mrueg/fix-uncompressed-content-header
187acd4 Cut 1.20.2
f7f8f3a fix: Unset Content-Encoding header when uncompressed
2254d6c Merge pull request #1587 from prometheus/fix-processcollector
4a15d05 Cut 1.20.1
f2dd7b3 Use pedantic registry in other places too, to double check.
261fe84 bugfix: Pass network metrics to processCollector's Describe() function
5bf3341 Use NewPedanticRegistry in Process' Collector tests
See full diff in compare view

Updates google.golang.org/api from 0.190.0 to 0.194.0

Release notes

Sourced from google.golang.org/api's releases.

v0.194.0

0.194.0 (2024-08-22)

Features

all: Auto-regenerate discovery clients (#2746) (5d61f08)

Bug Fixes

gen: Change HttpBody.Data from string to any for monitoring:v1 (#2744) (eda6a59), refs #2304

v0.193.0

0.193.0 (2024-08-20)

Features

all: Auto-regenerate discovery clients (#2733) (4118ec2)

all: Auto-regenerate discovery clients (#2736) (6b81f1a)

all: Auto-regenerate discovery clients (#2737) (a2308c1)

all: Auto-regenerate discovery clients (#2738) (7296c72)

all: Auto-regenerate discovery clients (#2739) (9d915ff)

all: Auto-regenerate discovery clients (#2742) (cb825c8)

v0.192.0

0.192.0 (2024-08-13)

Features

all: Auto-regenerate discovery clients (#2725) (b2c7c05)

all: Auto-regenerate discovery clients (#2727) (36e3fa7)

all: Auto-regenerate discovery clients (#2728) (97c7f2e)

all: Auto-regenerate discovery clients (#2729) (a0ed1f3)

Move storage, bigquery, and compute to new auth lib (#2730) (2b4e9f4)

Bug Fixes

internal/cba: Update credsNewAuth path to use nil oauth2 client (#2731) (b457582)

v0.191.0

0.191.0 (2024-08-07)

Features

all: Auto-regenerate discovery clients (#2719) (a5ddb40)

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.194.0 (2024-08-22)

Features

all: Auto-regenerate discovery clients (#2746) (5d61f08)

Bug Fixes

gen: Change HttpBody.Data from string to any for monitoring:v1 (#2744) (eda6a59), refs #2304

0.193.0 (2024-08-20)

Features

all: Auto-regenerate discovery clients (#2733) (4118ec2)

all: Auto-regenerate discovery clients (#2736) (6b81f1a)

all: Auto-regenerate discovery clients (#2737) (a2308c1)

all: Auto-regenerate discovery clients (#2738) (7296c72)

all: Auto-regenerate discovery clients (#2739) (9d915ff)

all: Auto-regenerate discovery clients (#2742) (cb825c8)

0.192.0 (2024-08-13)

Features

all: Auto-regenerate discovery clients (#2725) (b2c7c05)

all: Auto-regenerate discovery clients (#2727) (36e3fa7)

all: Auto-regenerate discovery clients (#2728) (97c7f2e)

all: Auto-regenerate discovery clients (#2729) (a0ed1f3)

Move storage, bigquery, and compute to new auth lib (#2730) (2b4e9f4)

Bug Fixes

internal/cba: Update credsNewAuth path to use nil oauth2 client (#2731) (b457582)

0.191.0 (2024-08-07)

Features

all: Auto-regenerate discovery clients (#2719) (a5ddb40)

all: Auto-regenerate discovery clients (#2722) (0d15913)

all: Auto-regenerate discovery clients (#2724) (918e3d2)

... (truncated)

Commits

cd95a34 chore(main): release 0.194.0 (#2747)
eda6a59 fix(gen): change HttpBody.Data from string to any for monitoring:v1 (#2744)
f836095 chore(all): Updating auth library version (#2748)
5d61f08 feat(all): auto-regenerate discovery clients (#2746)
d994b67 chore(main): release 0.193.0 (#2734)
254bbe1 chore(all): update all (#2740)
cb825c8 feat(all): auto-regenerate discovery clients (#2742)
9d915ff feat(all): auto-regenerate discovery clients (#2739)
7296c72 feat(all): auto-regenerate discovery clients (#2738)
a2308c1 feat(all): auto-regenerate discovery clients (#2737)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-deps group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) | `3.2.1` | `3.3.0` | | [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) | `7.0.75` | `7.0.76` | | [github.com/notaryproject/notation-core-go](https://github.com/notaryproject/notation-core-go) | `1.0.3` | `1.1.0` | | [github.com/notaryproject/notation-go](https://github.com/notaryproject/notation-go) | `1.1.1` | `1.2.0` | | [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.20.0` | `1.20.2` | | [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.190.0` | `0.194.0` | Updates `github.com/Masterminds/semver/v3` from 3.2.1 to 3.3.0 - [Release notes](https://github.com/Masterminds/semver/releases) - [Changelog](https://github.com/Masterminds/semver/blob/master/CHANGELOG.md) - [Commits](Masterminds/semver@v3.2.1...v3.3.0) Updates `github.com/minio/minio-go/v7` from 7.0.75 to 7.0.76 - [Release notes](https://github.com/minio/minio-go/releases) - [Commits](minio/minio-go@v7.0.75...v7.0.76) Updates `github.com/notaryproject/notation-core-go` from 1.0.3 to 1.1.0 - [Release notes](https://github.com/notaryproject/notation-core-go/releases) - [Commits](notaryproject/notation-core-go@v1.0.3...v1.1.0) Updates `github.com/notaryproject/notation-go` from 1.1.1 to 1.2.0 - [Release notes](https://github.com/notaryproject/notation-go/releases) - [Commits](notaryproject/notation-go@v1.1.1...v1.2.0) Updates `github.com/prometheus/client_golang` from 1.20.0 to 1.20.2 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.20.0...v1.20.2) Updates `google.golang.org/api` from 0.190.0 to 0.194.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.190.0...v0.194.0) --- updated-dependencies: - dependency-name: github.com/Masterminds/semver/v3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/minio/minio-go/v7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-deps - dependency-name: github.com/notaryproject/notation-core-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/notaryproject/notation-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-deps - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-08-29T02:23:43Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added the dependencies Pull requests that update a dependency label Aug 28, 2024

dependabot bot closed this Aug 29, 2024

dependabot bot deleted the dependabot/go_modules/go-deps-2ee1e5a97b branch August 29, 2024 02:23

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the go-deps group across 1 directory with 6 updates #1598

build(deps): bump the go-deps group across 1 directory with 6 updates #1598

dependabot bot commented on behalf of github Aug 28, 2024 •

edited

Loading

dependabot bot commented on behalf of github Aug 29, 2024

build(deps): bump the go-deps group across 1 directory with 6 updates #1598

build(deps): bump the go-deps group across 1 directory with 6 updates #1598

Conversation

dependabot bot commented on behalf of github Aug 28, 2024 • edited Loading

v3.3.0

What's Changed

New Contributors

3.3.0 (2024-08-27)

Added

Changed

Bugfix Release

What's Changed

v1.1.0

What's Changed

v1.1.0-rc.1

What's Changed

v1.1.0-beta.1

What's Changed

v1.2.0

What's Changed

v1.2.0-rc.1

What's Changed

v1.2.0-beta.1

What's Changed

v1.20.2

v1.20.1

1.20.2 / 2024-08-23

1.20.1 / 2024-08-20

v0.194.0

0.194.0 (2024-08-22)

Features

Bug Fixes

v0.193.0

0.193.0 (2024-08-20)

Features

v0.192.0

0.192.0 (2024-08-13)

Features

Bug Fixes

v0.191.0

0.191.0 (2024-08-07)

Features

0.194.0 (2024-08-22)

Features

Bug Fixes

0.193.0 (2024-08-20)

Features

0.192.0 (2024-08-13)

Features

Bug Fixes

0.191.0 (2024-08-07)

Features

dependabot bot commented on behalf of github Aug 29, 2024

dependabot bot commented on behalf of github Aug 28, 2024 •

edited

Loading