chore(deps): bump github.com/google/ko from 0.15.2 to 0.15.4 (#4885)

Bumps [github.com/google/ko](https://github.com/google/ko) from 0.15.2 to 0.15.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/ko/releases">github.com/google/ko's releases</a>.</em></p> <blockquote> <h2>v0.15.4</h2> <h2>What's Changed</h2> <ul> <li> <p>Refactor global values to be defaults by <a href="https://github.com/nmittler"><code>@nmittler</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1318">ko-build/ko#1318</a></p> </li> <li> <p>Bump actions/checkout from 4.1.5 to 4.1.6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1316">ko-build/ko#1316</a></p> </li> <li> <p>Bump github.com/docker/docker from 26.1.2+incompatible to 26.1.3+incompatible by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1315">ko-build/ko#1315</a></p> </li> <li> <p>Bump github/codeql-action from 2.13.4 to 3.25.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1319">ko-build/ko#1319</a></p> </li> <li> <p>Bump github/codeql-action from 3.25.5 to 3.25.6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1321">ko-build/ko#1321</a></p> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/ko-build/ko/compare/v0.15.3...v0.15.4">https://github.com/ko-build/ko/compare/v0.15.3...v0.15.4</a></p> <h2>v0.15.3</h2> <p>🚨 We are investigating an issue with this release 🚨 See <a href="https://redirect.github.com/ko-build/ko/issues/1317">ko-build/ko#1317</a> for more details.</p> <h2>What's Changed</h2> <ul> <li>Bump golang/govulncheck-action from 1.0.1 to 1.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1244">ko-build/ko#1244</a></li> <li>Fix fly.io deployment docs by <a href="https://github.com/imjasonh"><code>@imjasonh</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1247">ko-build/ko#1247</a></li> <li>Bump golang.org/x/tools from 0.18.0 to 0.19.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1249">ko-build/ko#1249</a></li> <li>Update setup-ko action link in install.md by <a href="https://github.com/koki-develop"><code>@koki-develop</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1256">ko-build/ko#1256</a></li> <li>Fix kind image names with --bare by <a href="https://github.com/aidy"><code>@aidy</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1027">ko-build/ko#1027</a></li> <li>fix: update github.com/awslabs/amazon-ecr-credential-helper to latest version by <a href="https://github.com/nesty92"><code>@nesty92</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1267">ko-build/ko#1267</a></li> <li>drop go1.20 and start testing with go1.22 and ci updates by <a href="https://github.com/cpanato"><code>@cpanato</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1251">ko-build/ko#1251</a></li> <li>Bump slsa-framework/slsa-github-generator from 1.9.0 to 1.10.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1265">ko-build/ko#1265</a></li> <li>Bump reviewdog/action-misspell from 1.15.0 to 1.16.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1252">ko-build/ko#1252</a></li> <li>Bump github.com/google/go-containerregistry from 0.19.0 to 0.19.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1258">ko-build/ko#1258</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1255">ko-build/ko#1255</a></li> <li>Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1257">ko-build/ko#1257</a></li> <li>Bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1253">ko-build/ko#1253</a></li> <li>Bump actions/setup-python from 5.0.0 to 5.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1269">ko-build/ko#1269</a></li> <li>Bump k8s.io/apimachinery from 0.29.2 to 0.29.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1259">ko-build/ko#1259</a></li> <li>Bump github.com/docker/docker from 25.0.3+incompatible to 26.0.0+incompatible by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1263">ko-build/ko#1263</a></li> <li>Bump reviewdog/action-misspell from 1.16.0 to 1.17.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1270">ko-build/ko#1270</a></li> <li>Add support for setting capabilities on the app binary by <a href="https://github.com/mejedi"><code>@mejedi</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1271">ko-build/ko#1271</a></li> <li>Bump golang.org/x/sync from 0.6.0 to 0.7.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1273">ko-build/ko#1273</a></li> <li>Bump golang.org/x/tools from 0.19.0 to 0.20.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1272">ko-build/ko#1272</a></li> <li>Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1275">ko-build/ko#1275</a></li> <li>Bump github.com/docker/docker from 26.0.0+incompatible to 26.0.1+incompatible by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1277">ko-build/ko#1277</a></li> <li>chore: fix function names in comment by <a href="https://github.com/camcui"><code>@camcui</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1278">ko-build/ko#1278</a></li> <li>Bump k8s.io/apimachinery from 0.29.3 to 0.29.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1279">ko-build/ko#1279</a></li> <li>Fix AWS Lambda advanced docs by <a href="https://github.com/mattn"><code>@mattn</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1281">ko-build/ko#1281</a></li> <li>Bump actions/upload-artifact from 4.3.1 to 4.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1284">ko-build/ko#1284</a></li> <li>Bump github.com/docker/docker from 26.0.1+incompatible to 26.0.2+incompatible by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1283">ko-build/ko#1283</a></li> <li>Bump actions/checkout from 4.1.2 to 4.1.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1285">ko-build/ko#1285</a></li> <li>Bump github.com/docker/docker from 26.0.2+incompatible to 26.1.0+incompatible by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1286">ko-build/ko#1286</a></li> <li>Bump actions/upload-artifact from 4.3.2 to 4.3.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1288">ko-build/ko#1288</a></li> <li>Bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1287">ko-build/ko#1287</a></li> <li>Bump actions/checkout from 4.1.3 to 4.1.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ko-build/ko/pull/1290">ko-build/ko#1290</a></li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ko-build/ko/commit/c9e27f0dae0b9db53e19d521bbc5ee811ce00e39"><code>c9e27f0</code></a> Update integration_test.sh</li> <li><a href="https://github.com/ko-build/ko/commit/7cb29ac9b8f0dbdea83e2828fb9da040752b2053"><code>7cb29ac</code></a> Refactor global values to be defaults</li> <li><a href="https://github.com/ko-build/ko/commit/29e852e8bbd76d65722c57497106adb1378f885f"><code>29e852e</code></a> Merge pull request <a href="https://redirect.github.com/google/ko/issues/1321">#1321</a> from ko-build/dependabot/github_actions/github/codeq...</li> <li><a href="https://github.com/ko-build/ko/commit/74f02a8f5989e979bbc10ac067ae8d4cbd22537e"><code>74f02a8</code></a> ---</li> <li><a href="https://github.com/ko-build/ko/commit/81723216fa527be864baee6f6518fa0895e12710"><code>8172321</code></a> Merge pull request <a href="https://redirect.github.com/google/ko/issues/1319">#1319</a> from ko-build/dependabot/github_actions/github/codeq...</li> <li><a href="https://github.com/ko-build/ko/commit/f979606b996aa20b6c6ad01226b726e1cb2777e7"><code>f979606</code></a> Bump github/codeql-action from 2.13.4 to 3.25.5</li> <li><a href="https://github.com/ko-build/ko/commit/bb99eccfe235e7b583c857bb1bafbf45f72178d1"><code>bb99ecc</code></a> Merge pull request <a href="https://redirect.github.com/google/ko/issues/1315">#1315</a> from ko-build/dependabot/go_modules/github.com/docke...</li> <li><a href="https://github.com/ko-build/ko/commit/dcb8f4edfe8463aba0554e8cd03e58b1bd650f0a"><code>dcb8f4e</code></a> Merge pull request <a href="https://redirect.github.com/google/ko/issues/1316">#1316</a> from ko-build/dependabot/github_actions/actions/chec...</li> <li><a href="https://github.com/ko-build/ko/commit/7e47ec504a307bc63b4e2254434b9644dcf33841"><code>7e47ec5</code></a> Bump actions/checkout from 4.1.5 to 4.1.6</li> <li><a href="https://github.com/ko-build/ko/commit/459bf48a23b48e5423109fd30ea0eca546279709"><code>459bf48</code></a> Bump github.com/docker/docker</li> <li>Additional commits viewable in <a href="https://github.com/google/ko/compare/v0.15.2...v0.15.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/google/ko&package-manager=go_modules&previous-version=0.15.2&new-version=0.15.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
goreleaser · May 22, 2024 · de796eb · de796eb
1 parent 1c66ce4
commit de796eb
Show file tree

Hide file tree

Showing 2 changed files with 61 additions and 70 deletions.
diff --git a/go.mod b/go.mod
@@ -10,7 +10,7 @@ require (
 	github.com/Masterminds/semver/v3 v3.2.1
 	github.com/anchore/quill v0.4.1
 	github.com/atc0005/go-teams-notify/v2 v2.10.0
-	github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20231024185945-8841054dbdb8
+	github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20240514230400-03fa26f5508f
 	github.com/bluesky-social/indigo v0.0.0-20240411170459-440932307e0d
 	github.com/caarlos0/ctrlc v1.2.0
 	github.com/caarlos0/env/v11 v11.0.0
@@ -28,7 +28,7 @@ require (
 	github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.5.1
 	github.com/google/go-containerregistry v0.19.1
 	github.com/google/go-github/v62 v62.0.0
-	github.com/google/ko v0.15.2
+	github.com/google/ko v0.15.4
 	github.com/google/uuid v1.6.0
 	github.com/goreleaser/fileglob v1.3.0
 	github.com/goreleaser/nfpm/v2 v2.37.1
@@ -57,6 +57,8 @@ require (
 	gopkg.in/yaml.v3 v3.0.1
 )
 
+require github.com/moby/docker-image-spec v1.3.1 // indirect
+
 require (
 	cloud.google.com/go v0.112.1 // indirect
 	cloud.google.com/go/compute/metadata v0.3.0 // indirect
@@ -94,28 +96,28 @@ require (
 	github.com/anchore/go-macholibre v0.0.0-20220308212642-53e6d0aaf6fb // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
 	github.com/aws/aws-sdk-go v1.53.0
-	github.com/aws/aws-sdk-go-v2 v1.26.0 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.26.1 // indirect
 	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.1 // indirect
-	github.com/aws/aws-sdk-go-v2/config v1.27.9 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.9 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.0 // indirect
+	github.com/aws/aws-sdk-go-v2/config v1.27.13 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.13 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1 // indirect
 	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.9 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.4 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.4 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ecr v1.20.2 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.18.2 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ecr v1.28.0 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.23.5 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.2 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.5 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.6 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.7 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.3 // indirect
 	github.com/aws/aws-sdk-go-v2/service/kms v1.30.0 // indirect
 	github.com/aws/aws-sdk-go-v2/service/s3 v1.51.4 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.20.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.28.5 // indirect
-	github.com/aws/smithy-go v1.20.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.20.6 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.24.0 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.28.7 // indirect
+	github.com/aws/smithy-go v1.20.2 // indirect
 	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
 	github.com/bahlo/generic-list-go v0.2.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
@@ -141,8 +143,8 @@ require (
 	github.com/distribution/reference v0.5.0 // indirect
 	github.com/docker/cli v25.0.4+incompatible // indirect
 	github.com/docker/distribution v2.8.3+incompatible // indirect
-	github.com/docker/docker v25.0.5+incompatible // indirect
-	github.com/docker/docker-credential-helpers v0.8.0 // indirect
+	github.com/docker/docker v26.1.3+incompatible // indirect
+	github.com/docker/docker-credential-helpers v0.8.1 // indirect
 	github.com/docker/go-connections v0.4.0 // indirect
 	github.com/docker/go-metrics v0.0.1 // indirect
 	github.com/docker/go-units v0.5.0
@@ -320,7 +322,7 @@ require (
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	lukechampine.com/blake3 v1.2.1 // indirect
-	sigs.k8s.io/kind v0.22.0 // indirect
+	sigs.k8s.io/kind v0.23.0 // indirect
 	sigs.k8s.io/yaml v1.4.0 // indirect
 	software.sslmate.com/src/go-pkcs12 v0.4.0 // indirect
 )