Merged dependabot pull requests, fixed gosec linter #71
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Changed to daily interval for dependabot
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.0.0-20201016220609-9e8e0b390897 to 0.13.0. - [Commits](https://github.com/golang/crypto/commits/v0.13.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…g/x/crypto-0.13.0 Bump golang.org/x/crypto from 0.0.0-20201016220609-9e8e0b390897 to 0.13.0
Bumps [github.com/spf13/cast](https://github.com/spf13/cast) from 1.3.1 to 1.5.1. - [Release notes](https://github.com/spf13/cast/releases) - [Commits](spf13/cast@v1.3.1...v1.5.1) --- updated-dependencies: - dependency-name: github.com/spf13/cast dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…m/spf13/cast-1.5.1 Bump github.com/spf13/cast from 1.3.1 to 1.5.1
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.7.1 to 1.16.0. - [Release notes](https://github.com/spf13/viper/releases) - [Commits](spf13/viper@v1.7.1...v1.16.0) --- updated-dependencies: - dependency-name: github.com/spf13/viper dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…m/spf13/viper-1.16.0 Bump github.com/spf13/viper from 1.7.1 to 1.16.0
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.1.1 to 1.7.0. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.1.1...v1.7.0) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github.com/c-bata/go-prompt](https://github.com/c-bata/go-prompt) from 0.2.5 to 0.2.6. - [Changelog](https://github.com/c-bata/go-prompt/blob/master/CHANGELOG.md) - [Commits](c-bata/go-prompt@v0.2.5...v0.2.6) --- updated-dependencies: - dependency-name: github.com/c-bata/go-prompt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…m/spf13/cobra-1.7.0 Bump github.com/spf13/cobra from 1.1.1 to 1.7.0
…m/c-bata/go-prompt-0.2.6 Bump github.com/c-bata/go-prompt from 0.2.5 to 0.2.6
sgsullivan
approved these changes
Sep 29, 2023
There was a problem hiding this comment.
lgtm 🤖
Ideally going forward to improve this project more:
- Add at least basic "smoke test" unit/integration tests.
- Wrap 1 in a github action check, required via branch protection rule on main branch.
- Consider updating current semi-manual release process to automatically publish a github release when a commit enters main branch.
- Setup github codeowners.
jakdept
approved these changes
Sep 29, 2023
| @@ -3,26 +3,15 @@ module github.com/liquidweb/liquidweb-cli | |||
| go 1.13 | |||
|
|
|||
| require ( | |||
| github.com/c-bata/go-prompt v0.2.5 | |||
| github.com/fsnotify/fsnotify v1.4.9 // indirect | |||
| github.com/c-bata/go-prompt v0.2.6 | |||
| github.com/google/go-github/v32 v32.1.0 | |||
| github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213 | |||
| github.com/liquidweb/go-lwApi v0.0.5 | |||
There was a problem hiding this comment.
we need a card for this line. I'll look at it next wek if you want for you.
|
yeah @sgsullivan we're going to be putting more time into this, and I've always been obsessive about testing and stuff like github actions and codeowners. Expect to see more over time. Currently I'm more focused on terraform, and there's shortly going to be a massive change to |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merged dependabot pull requests, fixed gosec linter issues during build