chore(deps): bump github.com/gemaraproj/go-gemara from 0.0.1 to 0.3.0

[dependabot]

Bumps github.com/gemaraproj/go-gemara from 0.0.1 to 0.3.0.

Release notes

Sourced from github.com/gemaraproj/go-gemara's releases.

v0.3.0

Changelog

🚀 Features

• feat: updates schema version to Gemara v1 @​jpower432 (#55)

🧰 Maintenance

• feat: updates schema version to Gemara v1 @​jpower432 (#55)
• ci: use go.mod for Go version in release workflow @​jpower432 (#54)

See details of all code changes since previous release

v0.2.0

Changelog

🚀 Features

• feat: add security-insights.yml for OSPS baseline scanning @​sonupreetam (#50)
• feat!: replace per-type loaders with Load generics and Fetcher interface @​jpower432 (#47)
• feat: Export supported schema version identifier @​eddie-knight (#49)

🐛 Bug Fixes

• fix!: add context.Context to Fetcher interface for request lifecycle @​jpower432 (#53)

See details of all code changes since previous release

v0.1.1

What's Changed

• fix: add invalid zero-value default to enum iota blocks by @​jpower432 in gemaraproj/go-gemara#46
• fix: adjusted catalog md title to match baseline's current generator by @​eddie-knight in gemaraproj/go-gemara#48

Full Changelog: gemaraproj/go-gemara@v0...v0.1.1

v0.1.0

Changelog

🚀 Features

• feat: Added markdown generator for Control Catalogs @​eddie-knight (#41)

🐛 Bug Fixes

• fix: updates enums to be consistent with v1.0.0-rc.2 @​jpower432 (#44)

🧰 Maintenance

• chore(deps): Bump the dependencies group across 1 directory with 2 updates @dependabot[bot] (#42)

See details of all code changes since previous release

... (truncated)

Commits

• 192aeb0 chore: updates schema version to Gemara v1 (#55)
• 5e40d27 ci: use go.mod for Go version in release workflow (#54)
• b04aa87 fix!: add context.Context to Fetcher interface for request lifecycle control ...
• 110bffc feat: add security-insights.yml for OSPS baseline scanning (#50)
• e7e69c9 feat!: replace per-type loaders with Load generics and Fetcher interface (#47)
• 7da5e45 feat: Export supported schema version identifier (#49)
• 017026a fix: adjusted catalog md title to match baseline's current generator (#48)
• e026e28 fix: add invalid zero-value default to enum iota blocks (#46)
• 0495843 chore(deps): Bump the dependencies group with 2 updates (#42)
• 8a0209b feat: Added markdown generator for Control Catalogs (#41)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🤖 Standardized Dependabot Review Summary 🤖

This PR was processed by the organization's reusable CI pipeline.

• Dependencies Review: success
  • View detailed logs
• Calculated Risk: medium
• Dependency Usage: At least 5 repositories are using this dependency version

---

Maintainer check list:

1. Ensure the PR passed all CI tests (required status checks).
2. Investigate failures for Major updates or any manual review requirement.
3. Don't overlook breaking changes and changelog information.
4. If the scorecard value is low, consider to contribute to make it higher. Everybody wins!
5. Be diligent. When in doubt, ask another maintainer for additional review.

[github-actions]

CRAP Load Analysis

No Go code changes detected in this PR. No CRAP impact.

[hbraswelrh]

@marcusburghardt This PR overtakes the updates made in PR #419 to update to go-gemara v0.2.0 apart from the function changes and testdata. Should this PR be dependent on PR #419 or the new starting point for the update? Following the changes in this PR, the testdata would require an update to gemara v1 rather than a v1.0.0-rc.x, but this PR would cover the vendor files and the go deps.

[marcusburghardt]

Hi @hbraswelrh , these dependabot PRs are limited to dependency management so they can't refactor the existing code to adapt the new dependency versions (there are breaking changes). We need to do this in a separate PRs and once merged, these dependabot PRs will be automatically closed.

[hbraswelrh]

Hi @hbraswelrh , these dependabot PRs are limited to dependency management so they can't refactor the existing code to adapt the new dependency versions (there are breaking changes). We need to do this in a separate PRs and once merged, these dependabot PRs will be automatically closed.

Perfect. I am working on a separate PR now to refactor the changes in PR #419 which could close this PR (469) and PR (419).

[dependabot]

Looks like github.com/gemaraproj/go-gemara is up-to-date now, so this is no longer needed.